[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Entry Authentication

To: linuxkb-list@seul.org
Subject: Re: Entry Authentication
From: "Aaron D. Turner" <aturner@best.com>
Date: Wed, 20 Jan 1999 12:26:13 -0800 (PST)
In-Reply-To: <19990120151217.30612@pluto.ashtech.net>
Reply-To: linuxkb-list@seul.org
Sender: owner-linuxkb-list@seul.org

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 20 Jan 1999, Daniel E. Markle wrote:

> On Wed, Jan 20, 1999 at 12:02:51PM -0800, Aaron D. Turner wrote:
> > Unless anyone sees a true benifit to do it this way, I say we just say
> > forget it and concentrate or limited resources to more productive issues.
> 
> I guess it comes down to which method is the easiest and most secure to use,
> and what exactly we want to use it for.

It sounds like the original method fits those requirements.  By making the
server/our code do all the work and not require the browser to do
something it makes it easier.  The fact that we don't have to do any
testing/research to find out how to make it work speaks volumes right
there.  Security is equal either way. You can put the cgi's in another
directory that is htpasswd protected.

What we want to use it for is shown in the entry flow that I did.  See:

http://vodka/~aturner/sysdoc/img/entryflow.gif

For the flow.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNqY75jM3jpXy1kJtAQGyJAP+KiZkehZfQamDe0/VPHjDmrm1TBcEaNGK
Shv/hf08Clt4HYtuJtsJ2d8iKOB7mO+ghAOukFvFMNLOEOIKcvh9TNu/Q3tbD/6E
ww+RcRqL3r9dp9x40NrUen02N/+k0kdqggd0CjLWZI4OWcVX9CfGkjAhI9uO/vBO
Xxdh6xAzcFo=
=H4fx
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Entry Authentication
  - From: "Daniel E. Markle" <syntax@ashtech.net>

References:
- Re: Entry Authentication
  - From: "Daniel E. Markle" <syntax@ashtech.net>

Prev by Date: Authentification Rambling Continued
Next by Date: Re: Authentification Rambling Continued
Prev by thread: Re: Entry Authentication
Next by thread: Re: Entry Authentication
Index(es):
- Date
- Thread