Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • WebDav is generally a good thing, but it does need to be done over SSL or using Digest authentication to make it secure.

    Of course, sharing the password with other systems, whilst very convenient in practise can also lead to these sorts of exposures.

    However, I don't see much reason why they can't run pop3 / IMAP over SSL as well. It's not difficult to do and increases the security a lot.

    -Dom

    • WebDav is generally a good thing, but it does need to be done over SSL or using Digest authentication to make it secure.

      WebDAV is done via SSL. This in itself is ok. Not so ok is the lack of encryption for every other service.

      As for why they haven't yet migrated to SSL for at least the mail-service is beyond me as well. It has been suggested to them often enough, but so far only a mumble that this is going to happen at some indefinite point in the future was returned.

      The only good thing about it is that