On Mon, 11 Nov 2002, Mark Hedges wrote: > Possibly, although if you use https to access the page, I thought the > htaccess password is transmitted in the http header and so is not > encrypted in the data section. Anyway, I'm sure something good will come > around in the next release. Thanks. --mark-- > > On Mon, 11 Nov 2002, Sergio A. Kessler wrote: > > > Date: Mon, 11 Nov 2002 17:14:17 -0300 > > From: Sergio A. Kessler <[EMAIL PROTECTED]> > > Reply-To: [EMAIL PROTECTED] > > To: [EMAIL PROTECTED] > > Subject: [SL] Re: maintaining sessions securely > > > > > > > > mark, this issue has been bitten to death...
As Dieter is (one of) the one(s) biting I wouldn't be so sure about improvements in this area, unfortunately :-( Unless of course we pursuade him that security is not something that the OS/browser/httpd daemon should take care of, or is too easy to circumvent anyway (e.g. by physically looking over your shoulder). Dieter: Please tell me that I am wrong in these accusations about you. I use SQL-Ledger myself, and see it as a powerful tool. But as is I do not dare packaging it officially for Debian. - Jonas -- Jonas Smedegaard (+45 40843136) http://dr.jones.dk/~jonas/ Spiff ApS (= IT-guide dr. Jones ApS) http://dr.jones.dk/ Debian GNU/Linux developer http://people.debian.org/~js/
