Re: 'Corporate login' for a customer to a website

---

• From: Paul <gupta@xxxxxxxxxxxxxxxxxx>
• Date: Wed, 11 Jul 2007 14:00:51 +0100

---

On Wed, 11 Jul 2007 22:26:56 +1000, Ken Schaefer wrote:

The only real way to have secure authentication is to have a shared secret
that both the client, and you, share. That can either be a password, or a
client certificate, or some kind of federated identity/SSO system (e.g.
provided by ADFS).

Cheers
Ken

Thanks Ken

My understanding is that a client certificate is unique per workstation -
isn't that going to be large overhead on management?
.

---

• Follow-Ups:
  • Re: 'Corporate login' for a customer to a website
    • From: Ken Schaefer

• References:
  • 'Corporate login' for a customer to a website
    • From: Paul
  • Re: 'Corporate login' for a customer to a website
    • From: Ken Schaefer

• Prev by Date: Re: 'Corporate login' for a customer to a website
• Next by Date: Is it safe using Basic Authentication when using HTTPS
• Previous by thread: Re: 'Corporate login' for a customer to a website
• Next by thread: Re: 'Corporate login' for a customer to a website
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.inetserver.iis.security  > 2007-07