[JDEV] registering a new user
Jens Alfke
jens at mac.com
Thu May 24 12:17:12 CDT 2001
On Thursday, May 24, 2001, at 09:44 AM, Dustin Puryear wrote:
> Assuming a non-SSL client, wouldn't this make the use of digest
> authentication a bit "too little, too late" in many situations?
Any mechanism that could allow the client to securely transmit a
password to the server in the absence of any prior shared secrets, would
have to involve some sort of public-key crypto. This would make it
nearly as complex as SSL, so why not just use SSL, which provides the
additional benefit of encrypting the entire session including message
contents?
—Jens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 786 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20010524/2e8c8371/attachment-0002.bin>
More information about the JDev
mailing list