Re[2]: how do I keep a browser from caching files

Subject: Re[2]: how do I keep a browser from caching files
From: sweinron@uism.BU.EDU
Date: Wed, 24 Apr 96 12:42:08 EST
Cc: www-security@ns2.rutgers.edu

Jeff brings up an interesting point.  

There seems to be a pretty even distribution between sites that use passwords in
forms vs. HTTP authentication passwords.  Assuming that you are using SSL and a 
scheme where the password must travel from the browser to the server, what are 
the pros and cons of each approach, and what should one pay special attention to
with each.  Are there any sites of FAQ's that go into this discussion?

When using SSL, is form data sorted in the fat.db?  If so, is it encrypted?  I 
only found http references in the file, not https?

Stan Weinronk
Lead, Applications Technical Support Boston University, UIS00
881 Commonwealth Ave
Boston Ma, 02215
USA

_______________________________________________________________________________


Stan


______________________________ Reply Separator _________________________________
[snip]
Only passwords that were entered into HTML forms were getting put into the 
fat.db file.  HTTP authentication passwords are never written to disk.

--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist Netscape Communication 
Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed 
above are mine.

---- message ------

Follow-Ups:

Re: Re[2]: how do I keep a browser from caching files

From: Jeff Weinstein <jsw@netscape.com>

Previous: Re: Proxy Authentication
Next: NASA Computer Security Conference - Info
Index(es):
- Index
- Thread