> From: "Jeffrey W. Baker" <[EMAIL PROTECTED]>
> Date: Sun, 06 Feb 2000 09:55:06 -0800
> Subject: Re: does ssl encrypt basic auth?
>
> Do you have some documentation on that? I say you are smoking crack.
When I set up my first secure site four years ago, the bank involved, (a major national
bank in Canada) insisted their tests proved what I said, and they had concerns about
the
Cybercash admin pages for the store owners to admin their databases. I set it up the
way I
said, and we passed their tests.
Maybe things are different with webservers now, but then, with the software we used
(true,
it was not a Netscape server), the authentication was activated before the ssl. :(
You are right, I should do some tests now, and see what webservers do what now. I hope
ssl
first, like you quoted. We use a lot of SecurID authentication here, even for web, so
encryption of the password is not really an issue anymore. :)
Now we are really off-topic. Lets kill it.
David McCabe Unix SysAdmin/Peon
Le Groupe Videotron [EMAIL PROTECTED] (514) 380 4433
Who were the beta testers for Preparations A through G?
