Re: Insecure WWW Access Authorization Protocol?

Tony Sanders (sanders@BSDI.COM)
Tue, 8 Mar 1994 23:10:50 --100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: michael shiplett: "Re: Insecure WWW Access Authorization Protocol?"
Previous message: Rob Earhart: "Re: Insecure WWW Access Authorization Protocol?"
Maybe in reply to: Wayne Allen: "Insecure WWW Access Authorization Protocol?"
Next in thread: michael shiplett: "Re: Insecure WWW Access Authorization Protocol?"

michael shiplett writes:
> "ts" == Tony Sanders <sanders@BSDI.COM> writes:
> The URL is as trustworth as the source of the URL--whether the
> source is in or out of band.
If you cannot trust the server reply to get the realm information from
then why do you think you can trust the URL? You have exactly the
same problems as when you started.

--sanders

Next message: michael shiplett: "Re: Insecure WWW Access Authorization Protocol?"
Previous message: Rob Earhart: "Re: Insecure WWW Access Authorization Protocol?"
Maybe in reply to: Wayne Allen: "Insecure WWW Access Authorization Protocol?"
Next in thread: michael shiplett: "Re: Insecure WWW Access Authorization Protocol?"