- From: And Clover <and-py@doxdesk.com>
- Date: Mon, 10 May 2010 13:08:21 +0200
On 05/07/2010 07:06 PM, Juuso Hukkanen wrote:

> the auth="verisign" argument, which _is_ enough to prevent all practical
> (even if they are all theoretical!) man-in-the-middle attacks.

No it doesn't. The initial page load stage is by necessity unencrypted, and so an active MitM attack could simply remove the tag, or add a JS keylogger script to the page, or whatever other method an attacker might choose. Unless the user is expected to view source and check every last byte of the page and scripts used in it (which will never happen), they have no way to know their communications are secure.

In any case, if you add CAs, your proposal becomes just as 'heavy' as HTTPS. What advantage does your proposal have over HTTPS, then? Because it appears to have many disadvantages.

As for password 'salting', client-side challenge-response authentication is already addressed much more securely by Digest Authentication, Kerberos, or JS approaches. And if you have HTTPS, it's not really so bad to send a plain password to the server, which will hopefully hash/salt it itself. You have to send a plain password in order to set it in the first place anyway.

> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

Don't do that. That's a basic, beginner-author XSS vulnerability.

-- 
And Clover
mailto:and at doxdesk.com
http://www.doxdesk.com/
Received on Monday, 10 May 2010 04:08:21 UTC
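The `PHP_SELF` form action called out in the reply above, as an added example that is not part of the thread: the vulnerable line beside two fixes. The function names and the sample path are constructed for illustration.

```php
<?php
// Added example, not from the original mailing-list thread.
// $_SERVER['PHP_SELF'] includes any trailing path info from the request,
// e.g. a request for /login.php/extra yields "/login.php/extra", so it is
// request-controlled data and must never be written raw into markup.

// VULNERABLE: the value is concatenated into an attribute with no encoding,
// so a quote or angle bracket in the path closes the attribute and the tag.
function vulnerable_form(string $php_self): string
{
    return '<form method="post" action="' . $php_self . '">';
}

// FIX 1: HTML-encode before use. ENT_QUOTES encodes both " and ', so the
// value can never terminate the attribute it sits in.
function safe_form(string $php_self): string
{
    $action = htmlspecialchars($php_self, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

// FIX 2: when the goal is only "post back to this page", an empty action
// submits to the current URL and puts no request data into the markup at all.
function self_posting_form(): string
{
    return '<form method="post" action="">';
}

// Constructed sample path info containing attribute-breaking characters.
$sample = '/login.php/"extra<path>';

// The raw quote in the first line closes the attribute early; in the second,
// every quote and angle bracket has become a character entity.
echo vulnerable_form($sample), PHP_EOL;
echo safe_form($sample), PHP_EOL;
echo self_posting_form(), PHP_EOL;
```

The same encoding rule applies to anything else from `$_SERVER`, `$_GET` or `$_POST` that ends up inside an HTML attribute, not only `PHP_SELF`.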