[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Client authentication with Kerberos ticket

From: Samay <getafix123_at_hotmail.com>
Date: 2006-12-21 10:44:03 CET

> Why ? Is GSSAPI over http less secure than Basic over http ?
>

GSSAPI (SPNego) is lot more secure thn Basic method when used over HTTP. As
username/password never travels on the wire. Payload is in clear
irrespective of the method. I fail to see logic to restrict SPNego/GSSAPI to
HTTPS only!

..L8rz!

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Dec 21 10:49:00 2006

This is an archived mail posted to the Subversion Users mailing list.