Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Re: Re: Secure Login

by pfaut (Priest)
on Apr 24, 2003 at 22:29 UTC ( #253023=note: print w/replies, xml ) Need Help??

in reply to Re: Re: Secure Login
in thread Secure Login

Offering secure logins doesn't help verify someone elses identity unless the insecure interface is shut down. Just because you can login in via a secure channel does not mean that the person who posted a link to their code never used the insecure interface.

Are you offering to pay for the site certificate? If not, the site will probably have to run with a self signed certificate. Would that make you feel more secure? A self signed certificate wouldn't mean a whole lot more to me than what we have now.

For the most part, things that get posted here are small snippets that can be easily audited by any competent perl programmer in a few minutes. Links to larger things are provided but the authenticity of those providers is better checked in other ways than a secure login here (like MD5 signatures with a verifiable key).

90% of every Perl application is already written.

Replies are listed 'Best First'.
Re^4: Secure Login
by adrianh (Chancellor) on Jul 09, 2003 at 16:32 UTC
    Are you offering to pay for the site certificate?

    I'd be more worried about the extra cost of the hardware :-) SSLing everything adds a significant CPU overhead (and it would need to be everything if it was going to make any difference, snooping the cookie would be just as simple as snooping the username/password).

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://253023]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (9)
As of 2021-03-01 10:37 GMT
Find Nodes?
    Voting Booth?

    No recent polls found