RE: Re: Cookies at XML Europe 2004 -- Call for Participation

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: "'xml-dev@l...'" <xml-dev@l...>
Subject: RE: Re: Cookies at XML Europe 2004 -- Call for Participation
From: Ralph Hilken <ralph.hilken@a...>
Date: Tue, 6 Jan 2004 13:51:04 -0500

On Tuesday, January 06, 2004 10:47 AM EDT, Elliotte Rusty Harold
wrote:

> Why not? Also a good question. I think it's mostly a matter of 
> history and unfamiliarity with the design and technology of the Web, 
> as well as inertia.

Hello Harold:

In addition to HTTP authentication not being deployed due to lack of
popularity or experience with it, there are the recent "phishing"
exploits publicized, with warnings published by E-Week:
 http://www.eweek.com/article2/0,4149,1409700,00.asp
 http://www.eweek.com/article2/0,4149,1399670,00.asp

and Microsoft:
 http://support.microsoft.com/?id=833786

This will not promote usage of a technology when you are warned about 
its use (quoted from the above Microsoft Knowledge Base Article):
"The following list shows some of the characters that may appear in a 
URL that could lead to a spoofed Web site: 
%00
%01
@"

Made me have second thoughts about deploying HTTP authentication.  Shame 
we have to deal with this.

Regards,
Ralph

Follow-Ups:
- RE: Re: Cookies at XML Europe 2004 -- Call for Particip ation
  - From: Elliotte Rusty Harold <elharo@m...>

Prev by Date: Re: Re: Cookies at XML Europe 2004 -- Call for Particip ation
Next by Date: Re: Another mutated variant of the 'PowerPoint makes yo udumb'story
Previous by thread: Re: Re: Cookies at XML Europe 2004 -- Call for Particip ation
Next by thread: RE: Re: Cookies at XML Europe 2004 -- Call for Particip ation
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >