2011/1/14 Laurent Guyon <laurent.gu...@adelux.fr>
> Le vendredi 14 janvier 2011 à 10:58 +0100, Hartmut Goebel a écrit :
>
> > Yes, and send the password unencrypted. *gnaa*
>
> A channel can be encrypted but not authenticated ^^
> Laurent
>
>
Hi,
I followed this thread quite "diagonally" (so sorry if this reply looks to
you noise ;)) but the opposite of this also true :
a channel can be "securely" authenticated but not encrypted (once
authenticated) :p
eg: APOP method of POP3 protocol and others methods like that.. anything
based on hashed login&password basically (with a salt).
but doing authentication over an encrypted channel is by design the best
that can be done for this matter.
was just my 2cents ;)
greg.
------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand
malware threats, the impact they can have on your business, and how you
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Shinken-devel mailing list
Shinken-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shinken-devel
