[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security with http protocol
- To: Brad Fitzpatrick <bradfitz@bradfitz.com>
- Subject: Re: security with http protocol
- From: Jean-Pierre Mouilleseaux <jmouille@engin.umich.edu>
- Date: Fri, 12 Jan 2001 04:00:17 -0500
- Delivered-To: bradfitz@www2.bradfitz.com
- In-Reply-To: <00a701c07c74$5d288100$0c00000a@pepper>
- User-Agent: Microsoft-Entourage/9.0.2509
> That's on my todo list... first we need to get on the final IP address we're
> going to be using, since Verisign certificates are tied to an IP address (or
> is it a hostname? I forget)
excellent, nice to see some security in the works :0)
> In any case, I do plan to do that.
>
> If it makes you feel any better, the Windows and Linux clients send MD5
> hashed passwords... it's not plain text at least. (but somebody could still
> sniff it and reuse it...)
well unfortunately i am not running either os. i am a apple-ite and in turn
i am a huge advocate of mac os and even more so of mac os x.
i had some hopes of writing an mac os x native client but if there is
already someone working on the mac end of development i won't waste my time.
> In the meantime I'm setting up the web and windows/linux clients to do
> challenge/response over the insecure line.
again i just discovered your website this afternoon and i must say that it
is rather cool :0)
regards,
jean-pierre