"Preston L. Bannister" wrote:
> I dislike the idea so much that I don't use basic authentication.
> Instead I send a small applet that encrypts the username/password before
> sending it back to the server.
>
I assume that you either encrypt using a public key protocol, with the
server's public key, or possibly use a (DL?) key exchange protocol to come up
with a symmetric session password?
I've been planning to do this, but so far haven't found any small applet-size
crypto libraries.
- Robb
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
