Re: Insecure WWW Access Authorization Protocol?

Tony Sanders <sanders@BSDI.COM>

Mail folder: WWW Talk Jan 94-present
Next message: michael shiplett: "Re: Insecure WWW Access Authorization Protocol? "
Previous message: Peter Lister, Cranfield Computer Centre: "Re: Insecure WWW Access Authorization Protocol?"
Maybe in reply to: michael shiplett: "Re: Insecure WWW Access Authorization Protocol? "
Reply: michael shiplett: "Re: Insecure WWW Access Authorization Protocol? "

Errors-To: listmaster@www0.cern.ch
Date: Tue, 8 Mar 1994 20:02:45 --100
Message-id: <199403081857.MAA27726@austin.BSDI.COM>
Errors-To: listmaster@www0.cern.ch
Reply-To: sanders@BSDI.COM
Originator: www-talk@info.cern.ch
Sender: www-talk@www0.cern.ch
Precedence: bulk
From: Tony Sanders <sanders@BSDI.COM>
To: Multiple recipients of list <www-talk@www0.cern.ch>
Subject: Re: Insecure WWW Access Authorization Protocol? 
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
Content-Length: 186

michael shiplett writes:
> pl> beforehand is the URL, we must map the URL to a Kerberos
> pl> principal.
You cannot trust the URL anymore than you can trust the server reply.

--sanders