Hello SunandaDH,
Tuesday, October 21, 2003, 11:30:24 PM, you wrote:
Sac> The other problem is that URLs pass through a host of intervening machines
Sac> downstream of you and your server. So:
Sac> http://www.myserver.com/mycgi.r?username=carlos&password=#{A8C40A306844B07D7B3
Sac> C733C3A9EF479A
Sunanda,
Your words enlightened some obscure points of the matter to me
Thanks
Carlos
Em Ter 21 Out 2003 19:30, [EMAIL PROTECTED] escreveu:
> Carlos:
> > Is it secure to pass a checksum/secure value on a URL
> > I mean when GET method is used on CGI?
>
> Checksum/secure is proof against reverse
Thank you Ted
Em Ter 21 Out 2003 19:56, Ted Serpa escreveu:
> It would seem Carl's Cookbook entry "Strong Authentication Method" could
> serve as a useful example in this instance.
>
> http://www.rebol.net/cookbook/recipes/0019.html
>
> Ted
>
>
--
To unsubscribe from this list, just send an emai
y, October 21, 2003 4:30 PM
Subject: [REBOL] Re: reading back checksum/secure
>
> Carlos:
>
> > Is it secure to pass a checksum/secure value on a URL
> > I mean when GET method is used on CGI?
>
> Checksum/secure is proof against reverse engineering (given
> #{DE1876
Carlos:
> Is it secure to pass a checksum/secure value on a URL
> I mean when GET method is used on CGI?
Checksum/secure is proof against reverse engineering (given
#{DE187642E6C75F60D10F29E52CAB54CDF676870D} you'd have a hard job working it backwards
to the
original string).
But it isn't
day, October 21, 2003 3:42 PM
> To: [EMAIL PROTECTED]
> Subject: [REBOL] Re: reading back checksum/secure
>
>
>
> You can't. Checksumming (hashing) is a one-way operation
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTE
Andreas, Maarten
Is it secure to pass a checksum/secure value on a URL
I mean when GET method is used on CGI?
Carlos
Em Ter 21 Out 2003 17:10, Andreas Bolka escreveu:
> Tuesday, October 21, 2003, 8:42:31 PM, Carlos wrote:
> > Considering the following code, how can I get :pwd back in plain
> >
Joel,
I got it.
That's exactly what I was looking for.
The impossibility of getting back what was
passed to checksum makes it ideal for login routines
Thanks
Carlos
Em Ter 21 Out 2003 17:11, Joel Neely escreveu:
> Hi, Carlos,
>
> You can't. See below.
>
> Carlos Lorenz wrote:
> > Considering th
Hi, Carlos,
You can't. See below.
Carlos Lorenz wrote:
>
> Considering the following code, how can I get
> :pwd back in plain English?
>
>>>write %password.txt checksum/secure pwd
>>
>
>>>pwd: read %password.txt
>>
>
> == "ç'ÑFJá$6è§&Ú[/^QØ8^[&"
>
Check the help for CHECKSUM:
>> ? che
You can't. Checksumming (hashing) is a one-way operation
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
> Carlos Lorenz
> Sent: dinsdag 21 oktober 2003 20:43
> To: [EMAIL PROTECTED]
> Subject: [REBOL] reading back checksum/secure
>
>
> Hello list,
Tuesday, October 21, 2003, 8:42:31 PM, Carlos wrote:
> Considering the following code, how can I get :pwd back in plain
> English?
>>> pwd: ask "Enter password: "
> Enter password: mypass
> == "mypass"
>>> write %password.txt checksum/secure pwd
>>> pwd: read %password.txt
> == "ç'ÑFJá$6è§
11 matches
Mail list logo