Full Disclosure mailing list archives
Re: HTTP AUTH BASIC monowall.
From: Tim <tim-security () sentinelchicken org>
Date: Mon, 13 Mar 2006 14:49:45 -0500
Well isn't the whole idea of SSH that the connection is encrypted? so it doesn't matter trough how many compromised networks it goes, since it gets encrypted at the sending computer and decrypted at the receiving one.
Wow, this reasoning is getting better all the time. How about this: I'll encrypt a message with AES, post the password/key for that message on a public message board so my buddy can read it, and then send him an email containing the encrypted message. That's secure right? The issue brought up has to do with authentication, not encryption. Authentication has to be good, or else encryption is 100% worthless. tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- HTTP AUTH BASIC monowall. Simon Smith (Mar 13)
- Re: HTTP AUTH BASIC monowall. Matthijs van Otterdijk (Mar 13)
- Re: HTTP AUTH BASIC monowall. Tim (Mar 13)
- Re: HTTP AUTH BASIC monowall. Matthijs van Otterdijk (Mar 13)
- Re: HTTP AUTH BASIC monowall. Jeremy Bishop (Mar 13)
- Re: HTTP AUTH BASIC monowall. Simon Smith (Mar 13)
- Re: HTTP AUTH BASIC monowall. Jeremy Bishop (Mar 13)
- Re: HTTP AUTH BASIC monowall. Simon Smith (Mar 13)
- RE: HTTP AUTH BASIC monowall. Lyal Collins (Mar 13)
- Re: HTTP AUTH BASIC monowall. Tim (Mar 13)
- RE: HTTP AUTH BASIC monowall. Lyal Collins (Mar 13)
- Re: HTTP AUTH BASIC monowall. Jeremy Bishop (Mar 13)
- RE: HTTP AUTH BASIC monowall. Lyal Collins (Mar 13)
- Re: HTTP AUTH BASIC monowall. Tim (Mar 13)
- Re: HTTP AUTH BASIC monowall. Matthijs van Otterdijk (Mar 13)
