Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)

To: debian-project@lists.debian.org
Cc: Bastian Blank <waldi@debian.org>
Subject: Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
From: Steve Langasek <vorlon@debian.org>
Date: Sat, 30 Aug 2008 22:54:59 -0700
Message-id: <[🔎] 20080831055459.GC13918@dario.dodds.net>
Mail-followup-to: Steve Langasek <vorlon@debian.org>, debian-project@lists.debian.org, Bastian Blank <waldi@debian.org>
In-reply-to: <[🔎] 20080830231632.GA9572@wavehammer.waldi.eu.org>
References: <20080827120031.GA32039@intrepid.palfrader.org> <20080828071223.GC7061@dario.dodds.net> <20080828193141.GK9633@anguilla.noreply.org> <[🔎] 20080830123208.GD9633@anguilla.noreply.org> <[🔎] 20080830164857.GA23848@country.nixsys.be> <[🔎] 20080830231632.GA9572@wavehammer.waldi.eu.org>

On Sun, Aug 31, 2008 at 01:16:32AM +0200, Bastian Blank wrote:
> On Sat, Aug 30, 2008 at 06:48:57PM +0200, Wouter Verhelst wrote:
> > (for some infathomable reason, the firefox developers consider Negotiate
> > authentication to be unsafe with untrusted and/or non-SSL hosts. Dunno
> > why that is, and never saw a compelling argument...)

> Negotiate auth does not provide confidentiality or integrity protection
> different to the normal use of kerberos.

Well, ok, but you're negotiating *authentication*.  Why are confidentiality
and integrity protection required for that?  Firefox doesn't exactly have
HTTP basic auth support disabled by default, either...

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Reply to:

Follow-Ups:
- Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
  - From: Bastian Blank <waldi@debian.org>

References:
- transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
  - From: Peter Palfrader <weasel@debian.org>
- Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
  - From: Wouter Verhelst <wouter@debian.org>
- Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: transfering files between *.debian.org hosts
Next by Date: Re: transfering files between *.debian.org hosts
Previous by thread: Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
Next by thread: Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)
Index(es):
- Date
- Thread