Hi, On Tue, May 23, 2006 at 10:02:33PM -0400, Michael Stone wrote: > (E.g., want to be able to test > without the complexity of an encryption layer, don't want overhead of > encrypting both sides of a local connection, etc.) Aside from that, > yeah, ip addresses shouldn't be used for authentication on untrusted > networks. (Though they are useful as one layer of security, to mitigate > the risk of vulnerabilities in the encryption routines.) Full ACK. It's one additional layer of security, but should never be relied upon alone. Uwe. -- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org
Attachment:
signature.asc
Description: Digital signature