Re: s/key authentication for Apache on FreeBSD?
bruce_at_nikkel.com
Date: 12/10/03
- Previous message: Brett Glass: "Re: s/key authentication for Apache on FreeBSD?"
- In reply to: Brett Glass: "Re: s/key authentication for Apache on FreeBSD?"
- Next in thread: Jason Stone: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: Jason Stone: "Re: s/key authentication for Apache on FreeBSD?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Dec 2003 21:26:23 +0100 To: security@freebsd.org
> What's needed is one-time passwords for "basic" authentication in
> Apache.
The problem with using s/key (or opie) together with http basic auth is
the repetive nature of http requests. The webserver would expect see
the basic authentication string with every single request. You would be
promtped for your next onetime password for every single gif or link on
the page requested. I don't know how practical that would be.
Bruce Nikkel
-- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Brett Glass: "Re: s/key authentication for Apache on FreeBSD?"
- In reply to: Brett Glass: "Re: s/key authentication for Apache on FreeBSD?"
- Next in thread: Jason Stone: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: Jason Stone: "Re: s/key authentication for Apache on FreeBSD?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
