Re: Insecure WWW Access Authorization Protocol?

Tony Sanders (sanders@BSDI.COM)
Tue, 8 Mar 1994 20:02:45 --100


michael shiplett writes:
> pl> beforehand is the URL, we must map the URL to a Kerberos
> pl> principal.
You cannot trust the URL anymore than you can trust the server reply.

--sanders