> Dear Group, > > I am not a webdav expert but I read on a microsoft website, that microsoft > disabled Basic Authentication for windows due to security reasons of the > Basic Authentication standard. I also read "The most serious flaw in Basic > authentication is that it results in the essentially cleartext transmission > of the > user's password over the physical network." on this website: > http://www.webdav.org/specs/rfc2617.html#rfc.section.4.1 > > If I get this right, it is not a good idea that owncloud only uses this type > of > Authentication standard? [Andre Schild]
This is no problem as long as you use https, then then password is safe. If you don't use https, then anyway you security is compromised, it does then not matter if your send the password in cleartext or some other half-secure way André _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
