Bugtraq mailing list archives
Re: Plain text passwords--necessary
From: taral () TARAL NET (Taral)
Date: Mon, 19 Apr 1999 14:32:00 -0500
On Mon, 19 Apr 1999, Phillip Vandry wrote:
Method Client Wire Server ------ --------- --------- --------- PAP Clear Clear Encrypted CHAP Clear Encrypted Clear And I don't think we can do better than that. We can encrypt at only one stage of the process. We have to make a tradeoff.
Not true: PK Clear Encrypted Encrypted PK = public key encryption (yes, some can be used with arbitrary passwords as private keys) Taral
Current thread:
- Re: Plain text passwords--necessary Francisco M. Marzoa Alonso (Apr 16)
- <Possible follow-ups>
- Re: Plain text passwords--necessary Aleph One (Apr 16)
- Re: Plain text passwords--necessary Phillip Vandry (Apr 19)
- Corrected Linux 2.2.5 FIN/NULL/XMAS block patch Taral (Apr 19)
- Re: Corrected Linux 2.2.5 FIN/NULL/XMAS block patch Taral (Apr 20)
- Re: Plain text passwords--necessary Taral (Apr 19)
- Re: Plain text passwords--necessary Phillip Vandry (Apr 19)
- Re: Plain text passwords--necessary Trevor Schroeder (Apr 19)
- bug in ssh allowing to be invissible Grzegorz Stelmaszek (Apr 19)
- Re: bug in ssh allowing to be invissible Pete (Apr 20)
- Re: bug in ssh allowing to be invissible Joe Gross (Apr 20)
- NetBSD Security Advisory 1999-009 matthew green (Apr 20)
- Bash Bug Shadow (Apr 20)
- Re: Bash Bug Marc Lehmann (Apr 21)
- Re: Bash Bug Pavel Kankovsky (Apr 22)
- Re: Bash Bug Chet Ramey (Apr 22)
- L0pht Security Advisory: Cold Fusion App Server Weld Pond (Apr 21)