Yes, I know this. I'm using HTTP Basic inside SSL.
This thread is becoming mildly frustrating; nobody seems to want to
discuss the actual question I posted.
- a
Juliusz Chroboczek <[EMAIL PROTECTED]> writes:
>> I have a CGI script on the other end that runs darcs (using HTTP
>> authentication mechanisms for access control).
>
> Adamie,
>
> It's probably off topic for this list, but you do realise that HTTP
> basic authentication is known to be insecure, and HTTP digest
> authentication is not known to be secure, right?
>
> You should use HTTP/SSL (https) if you need security.
>
> Juliusz
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380
Q: "Won't the pendulum swing back?"
A: "It has never been a pendulum. Think tectonic plates instead."
-- from patrick.net
_______________________________________________
darcs-users mailing list
[email protected]
http://www.abridgegame.org/mailman/listinfo/darcs-users
