[thelist] authenticating with mozilla/opera/w3 validator

Chris W. Parker cparker at swatgear.com
Fri Nov 22 11:09:01 CST 2002


> -----Original Message-----
> From: Paul Cowan [mailto:evolt at funkwit.com]
> Sent: Thursday, November 21, 2002 8:04 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] authenticating with mozilla/opera/w3 validator
>
>
>
> Chris W. Parker wrote:
> > as far as the SSL thing goes, are suggesting that the site be hosted
> > from https:// and the authentication turned down to basic?
>
> Well, yep. If it's important that it runs in other browsers, that is.
>
> Basically, your options are:
>     - just use IE, and stick with NTLM auth
>     - switch to https:// (you can make IIS _require_ secure
>       access for the site) and change to basic auth
>     - change to basic auth, and leave passwords sent in plain
>       text. This would be a bad thing.
>     - use client certificates instead (insert vomiting noise
>       here)
>     - turn off the need to auth at all
>     - that's about it really

i'll have one #1, extra #2, and a side of #4. ok fine, bad joke.

the server is actually our mail server so it is publicly reachable.
because of this i'll just stick with #1.

however if it were a server that could not be reached from the outside
(i.e. it did not have a NAT entry in the router) i would go with #3 or
#5.


thanks for the help paul.

chris.



More information about the thelist mailing list