On Sat, May 2, 2009 at 11:27 PM, Paul Johnston <paul....@gmail.com> wrote: > However, the use of JavaScript MD5 is not widespread. I think this is > because few authentication libraries support it. It is possible for a > library to provide JavaScript MD5 as an authentication mechanism, with > the details hidden from the application developer. In fact, it's quite > easy to implement, and there is a lot of guidance on my site.
I think it is not widespread because it is not in any way whatsoever an improvement when compared to sending credentials in the clear over a non-secure connection. The only options are SSL or more complicated protocols which do not use the transmission of a single password or password-like credential. -- "Bureaucrat Conrad, you are technically correct -- the best kind of correct." --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
