Roger Hågensen <rescator@emsai.net> writes: > Also http logins with plaintext transmission of passwords/passphrases > need to go away, and is a pet peeve of mine, I detest Basic > HTTP-Authentication which is plaintext. Note that Basic Auth + HTTPS provides reliable transport security. > Hashing the password (or passphrase) in the client is the right way to > go, but currently javascript is needed to make that possible. Do you know about HTTP digest authentication? <http://en.wikipedia.org/wiki/Digest_access_authentication> -- Nils Dagsson Moskopp // erlehmann <http://dieweltistgarnichtso.net>Received on Friday, 17 October 2014 15:09:56 UTC
This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 17:00:24 UTC