According to Jerry Popek at Locus, PCI uses a proprietary encoding --
you'd have to know what they're using to sniff and decode the password
exchange. From a practicle standpoint, if you have someone sniffing your
net, you have bigger problems than just someone finding a PC connecting
to AFS's password....
-jk
On Wed, 3 Aug 1994 [EMAIL PROTECTED] wrote:
> Do you know anything about the nature of the password exchange between
> the PC and client to obtain AFS tokens? Is it secure from eavesdropping
> attacks?
>
> The password is not sent in the clear, but I don't think it's entirely
> secure either.
>
