O'Reilly logo

Practical Internet Groupware by Jon Udell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security

RFC1244 (July 1991, Site Security Handbook) surveys a range of issues that remain paramount concerns for a groupware developer/administrator who straddles the intranet/Internet boundary. RFC1281 (November 1991, Guidelines for the Secure Operation of the Internet), which covers some of the same ground, stresses that “users are individually accountable for their own behavior” and “have a responsibility to employ available security mechanisms and procedures for protecting their own data.”

RFC2069 (January 1997, An Extension to HTTP : Digest Access Authentication) defines a mechanism like Windows NT’s Challenge/Response protocol. This mechanism enables an HTTP client to authenticate to a server using encrypted rather than cleartext credentials. Although implemented in some web servers, it has never been supported in mainstream browsers.

RFC2617 ( une 1999, HTTP Authentication: Basic and Digest Authentication) describes the original HTTP basic authentication scheme and updates RFC2069’s description of digest authentication.

Say the authors of RFC2246 (January 1999, The TLS Protocol Version 1.0):

This document and the TLS protocol itself are based on the SSL 3.0 Protocol Specification as published by Netscape. The differences between this protocol and SSL 3.0 are not dramatic, but they are significant enough that TLS 1.0 and SSL 3.0 do not interoperate (although TLS 1.0 does incorporate a mechanism by which a TLS implementation can back down to SSL 3.0.

For more information on Transport ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required