[thelist] authenticating with mozilla/opera/w3 validator
Chris W. Parker
cparker at swatgear.com
Fri Nov 22 11:09:01 CST 2002
> -----Original Message-----
> From: Paul Cowan [mailto:evolt at funkwit.com]
> Sent: Thursday, November 21, 2002 8:04 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] authenticating with mozilla/opera/w3 validator
>
>
>
> Chris W. Parker wrote:
> > as far as the SSL thing goes, are suggesting that the site be hosted
> > from https:// and the authentication turned down to basic?
>
> Well, yep. If it's important that it runs in other browsers, that is.
>
> Basically, your options are:
> - just use IE, and stick with NTLM auth
> - switch to https:// (you can make IIS _require_ secure
> access for the site) and change to basic auth
> - change to basic auth, and leave passwords sent in plain
> text. This would be a bad thing.
> - use client certificates instead (insert vomiting noise
> here)
> - turn off the need to auth at all
> - that's about it really
i'll have one #1, extra #2, and a side of #4. ok fine, bad joke.
the server is actually our mail server so it is publicly reachable.
because of this i'll just stick with #1.
however if it were a server that could not be reached from the outside
(i.e. it did not have a NAT entry in the router) i would go with #3 or
#5.
thanks for the help paul.
chris.
More information about the thelist
mailing list