Re: No More Passwords In The Clear in HTTP!

Brian Behlendorf (brian@wired.com)
Mon, 9 Jan 1995 12:24:07 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Albert Lunde: "Re: No More Passwords In The Clear in HTTP!"
Previous message: Brian Behlendorf: "Re: No More Passwords In The Clear in HTTP!"
Maybe in reply to: Daniel W. Connolly: "No More Passwords In The Clear in HTTP!"
Next in thread: Daniel W. Connolly: "Re: No More Passwords In The Clear in HTTP!"
Reply: Daniel W. Connolly: "Re: No More Passwords In The Clear in HTTP!"

S: Here's a challenge.  Encrypt it.
C: Huh?  
S: oh, nevermind.  Send me your uuencoded password.
C: okay, here goes....

...which doesn't seem to be in the specs anywhere.  I'd prefer not to 
have two separate URL's for different authentication schemes, though I 
could hack around that by keeping around a list of browsers implementing 
challenge-response.

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@hotwired.com  brian@hyperreal.com  http://www.hotwired.com/Staff/brian/

Next message: Albert Lunde: "Re: No More Passwords In The Clear in HTTP!"
Previous message: Brian Behlendorf: "Re: No More Passwords In The Clear in HTTP!"
Maybe in reply to: Daniel W. Connolly: "No More Passwords In The Clear in HTTP!"
Next in thread: Daniel W. Connolly: "Re: No More Passwords In The Clear in HTTP!"
Reply: Daniel W. Connolly: "Re: No More Passwords In The Clear in HTTP!"