in reply to Re: Re: Ecrypting passwords
in thread Ecrypting passwords
Digest Auth still effectivly transfers the password in plaintext no? sure the client hashes to md5 or whatever but someone listning on the line can use that hash to auth just as easily as the plaintext version. I have not read the full RFC but that is my understanding of it.
-Waswas
-Waswas
In Section
Seekers of Perl Wisdom