[Ach] http Auth Basic vs. Digest
Pepi Zawodsky
pepi.zawodsky at maclemon.at
Tue Nov 5 00:52:56 CET 2013
Is there anything to say against Digest auth in an https connection? Or anything pro Basic auth?
I personally thing that plaintext credentials do not belong anywhere even in an https connection.
What do you think about the risk of credentials at rest in .htpasswd vs. in motion in https?
Best regards
Pepi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131105/b3c39ce0/attachment.sig>
More information about the Ach
mailing list