On Donnerstag, 1. März 2007 17:13 Martin Hierling wrote: > i think it is not. Why exchange passwords if there is a trusted way > to say if the user is authenticated or not. > The shib website tells something about security, and after some > audits it is assumed to be safe.
After having a customer just yesterday with a (Linux) Apache Server with a rootkit, I think trusting in anything is unsecure anyway :-) mfg zmi -- // Michael Monnerie, Ing.BSc ----- http://it-management.at // Tel: 0676/846 914 666 .network.your.ideas. // PGP Key: "curl -s http://zmi.at/zmi4.asc | gpg --import" // Fingerprint: EA39 8918 EDFF 0A68 ACFB 11B7 BA2D 060F 1C6F E6B0 // Keyserver: www.keyserver.net Key-ID: 1C6FE6B0
pgpOLRNKmzk4m.pgp
Description: PGP signature
_______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
