Re: Plain text passwords--necessary

From: Taral (taralat_private)
Date: Mon Apr 19 1999 - 12:32:00 PDT

Next message: Chet Ramey: "Re: Buffer overflow in BASH"

Previous message: Densin Roy.: "Re: Plain text passwords--necessary"
Maybe in reply to: Joel Maslak: "Plain text passwords--necessary"
Next in thread: Chris: "Re: Plain text passwords--necessary"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 19 Apr 1999, Phillip Vandry wrote:

> Method  Client     Wire       Server
> ------  ---------  ---------  ---------
> PAP     Clear      Clear      Encrypted
> CHAP    Clear      Encrypted  Clear
>
> And I don't think we can do better than that. We can encrypt at only one
> stage of the process. We have to make a tradeoff.

Not true:

  PK      Clear      Encrypted  Encrypted

PK = public key encryption (yes, some can be used with arbitrary
passwords as private keys)

Taral

Next message: Chet Ramey: "Re: Buffer overflow in BASH"
Previous message: Densin Roy.: "Re: Plain text passwords--necessary"
Maybe in reply to: Joel Maslak: "Plain text passwords--necessary"
Next in thread: Chris: "Re: Plain text passwords--necessary"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:08 PDT