Re: Strong vs. Weak Authentication

From: John Veldhuis (john.veldhuis_at_universal.nl)
Date: 05/01/03

  • Next message: bluejay: "Re: How to delete file "entry" AND !!! file "body" on partition? Really delete "recoverable" file space"
    Date: Thu, 01 May 2003 09:39:06 +0200
    
    

    Matt C wrote:
    > What is the difference between Strong and Weak Authentication?
    >
    > I believe the typical HTTP username/password authentication is
    > considered Weak. If I use the same approach but send the data over SSL
    > does that make it Strong?
    >
    > If so, is that because of the use of Digital Certificates.
    >
    > A couple of simple examples would be very instructive.
    >
    > Thanks in advance,
    > Matt

    Hi Matt,

    Sending the login data over SSL would make your login data more
    confidential, but would not make the authentication stronger.

    When you would let the webserver require two way ssl authentication, so
    both the client and the server would authenticate themselves using
    Digital Certificates, that would be more in the direction of strong
    authentication.

    Groetjes
       John


  • Next message: bluejay: "Re: How to delete file "entry" AND !!! file "body" on partition? Really delete "recoverable" file space"

    Relevant Pages

    • Re: Exchange 2003 OWA Hyperlinks
      ... Make sure you enable anonymous access, ... > authentication, and Basic authentication. ... >> Matt McNeil ...
      (microsoft.public.exchange.admin)
    • Re: Locking down a directory
      ... your using the right approach to authentication, ... you could easily set an authentication flag in session and create an ... "Matt" wrote in message ... > my current access restriction system. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Get UPN in ASP
      ... > We are using the Windows authentication in the config file. ... > authenticated to IIS and the File System? ... >>> Matt ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: HTTP Get with Proxy authentication
      ... There's no real point in my posting anything, as the documentation does a ... take a look at the section on proxies and authentication. ... Matt ...
      (comp.lang.perl.misc)
    • Re: Mixed Mode Authentication in .net 2.0
      ... There are two parts to SSL, which is why this can be confusing. ... encryption and authentication of the server. ... ADFS supports a component called the federation service proxy which is ...
      (microsoft.public.dotnet.framework.aspnet.security)