Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
On Sun, Aug 31, 2008 at 01:16:32AM +0200, Bastian Blank wrote:
> On Sat, Aug 30, 2008 at 06:48:57PM +0200, Wouter Verhelst wrote:
> > (for some infathomable reason, the firefox developers consider Negotiate
> > authentication to be unsafe with untrusted and/or non-SSL hosts. Dunno
> > why that is, and never saw a compelling argument...)
> Negotiate auth does not provide confidentiality or integrity protection
> different to the normal use of kerberos.
Well, ok, but you're negotiating *authentication*. Why are confidentiality
and integrity protection required for that? Firefox doesn't exactly have
HTTP basic auth support disabled by default, either...
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/