
Re: [Erlug] SFTP

To: erlug <erlug@xxxxxxxxxxxxxx>
Subject: Re: [Erlug] SFTP
From: Andy Capp <ingegnere@xxxxxxxxxxxxxx>
Date: 30 Jun 2002 15:10:00 +0200
On Sun, 2002-06-30 at 13:02, dariondol wrote:

> You mean apart from the fact that everything goes through in the clear ?????? :))
If you mean client authentication,
that is a problem with HTTP/1.1 more than with WebDAV

From RFC 2518

A password sent in the clear over an insecure channel is an inadequate
means for protecting the accessibility and integrity of a resource as
the password may be intercepted. Since Basic authentication for HTTP/1.1
performs essentially clear text transmission of a password, Basic
authentication MUST NOT be used to authenticate a WebDAV client to a
server unless the connection is secure. Furthermore, a WebDAV server
MUST NOT send Basic authentication credentials in a WWW-Authenticate
header unless the connection is secure.

Andy
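
The RFC 2518 rule quoted in the message above, as an added example that is not part of the original post: a WSGI middleware that sends a Basic challenge and accepts Basic credentials only over https. The names `BasicOnlyOverTLS`, `decode_basic`, `demo_app`, the `check` callback, the realm and the sample credential are assumptions made for illustration.

```python
import base64

def decode_basic(value):
    """Decode an 'Authorization: Basic ...' value into (user, password), else None."""
    scheme, _, blob = value.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        text = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    user, sep, password = text.partition(":")
    return (user, password) if sep else None

class BasicOnlyOverTLS:
    """WSGI middleware: Basic is challenged for and accepted only over https."""

    def __init__(self, app, check, realm="dav"):
        # check(user, password) -> bool is a hypothetical credential verifier.
        self.app, self.check, self.realm = app, check, realm

    def __call__(self, environ, start_response):
        creds = decode_basic(environ.get("HTTP_AUTHORIZATION", ""))
        # Assumption: wsgi.url_scheme reflects the real client connection
        # (no TLS-terminating proxy in front that hides it).
        if environ.get("wsgi.url_scheme") != "https":
            # Cleartext: send no Basic challenge, and refuse any Basic
            # credentials, which have already crossed the wire readable.
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"TLS required\n"]
        if creds is None or not self.check(*creds):
            start_response("401 Unauthorized", [
                ("WWW-Authenticate", 'Basic realm="%s"' % self.realm),
                ("Content-Type", "text/plain")])
            return [b"authentication required\n"]
        environ["REMOTE_USER"] = creds[0]
        return self.app(environ, start_response)

def demo_app(environ, start_response):
    """Stand-in for the protected WebDAV application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [("hello %s\n" % environ["REMOTE_USER"]).encode()]

# Constructed sample credential: base64 is an encoding, not encryption,
# so decode_basic(SAMPLE) recovers the password without any key.
SAMPLE = "Basic " + base64.b64encode(b"andy:s3cret").decode()
```
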



