Could you use some of the Java Cryptography(JCE) stuff over normal HTTP?
I'm not sure of the specifics of your situation but this may be an
option.
->-----Original Message-----
->From: Nic Ferrier [mailto:[EMAIL PROTECTED]]
->Sent: Friday, August 24, 2001 9:56 AM
->To: [EMAIL PROTECTED]
->Subject: Re: password security
->
->
->> I want to ask about password ssecurity. I know when sending plain
->> text passwords over the net is a bad thing and it should be
->encrytped
->> first, but if i have an object that has the password stored
->in it thats
->> sent to the servlet is that safe enough to not be seen by a snooper?
->
->You mean send the password in an object over an ObjectOutputStream?
->
->No, that's not safe.
->
->Basically nothing is safe unless it is done over an HTTPS
->(HTTP over SSL)
->connection.
->
->
->Nic Ferrier
->
->______________________________________________________________
->_____________
->To unsubscribe, send email to [EMAIL PROTECTED] and
->include in the body
->of the message "signoff SERVLET-INTEREST".
->
->Archives: http://archives.java.sun.com/archives/servlet-interest.html
->Resources:
->http://java.sun.com/products/servlet/external-resources.html
->LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
->
->
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
