[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Apparently the practice was prevalent

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Apparently the practice was prevalent
From: Cael Abal <lists2@onryou.com>
Date: Mon, 09 Feb 2004 22:26:46 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm of the opinion that reinterpreting these particular ancient RFCs
is really of no practical use and that this thread probably deserves
to die a quiet death.

The fact of the matter is, regardless of what the RFCs have to say
about the subject, Microsoft's abandoning of the username:password
http/https feature should drastically hinder an entire class of
unelegant phishing schemes.  This is a good thing.

The patch will also act as another (albeit tiny) nudge away from the
tradition of passwords saved and used in-the-clear, which is also a
good thing.

Does anything else really need to be said?

C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQFAKE92R2vQ2HfQHfsRAkFtAKDFcJ066Y2tZyywnC7PArwedVezdwCeJPfO
cRPsvmzrtG/B0qbxoxROFec=
=Bd96
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Apparently the practice was prevalent
  - From: "Schmehl, Paul L" <pauls@utdallas.edu>

Prev by Date: Re: [Full-Disclosure] DoomJuice.A, Mydoom.A source code
Next by Date: RE: [Full-Disclosure] Virus infect on single user
Previous by thread: RE: [Full-Disclosure] Apparently the practice was prevalent
Next by thread: RE: [Full-Disclosure] Apparently the practice was prevalent
Index(es):
- Date
- Thread