|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Misleading sense of security in Netscape
Subject: Re: Misleading sense of security in Netscape
From: Steven M. Bellovin (smb
RESEARCH.ATT.COM)
Date: Fri Jan 14 2000 - 21:26:50 CST
- Next message: Max Vision: "Re: Anyone can take over virtually any domain on the net..."
- Previous message: Brian Mueller: "Re: Anyone can take over virtually any domain..."
- Maybe in reply to: Craig Ruefenacht: "Misleading sense of security in Netscape"
- Next in thread: Jefferson Ogata: "Re: Misleading sense of security in Netscape"
- Maybe reply: Steven M. Bellovin: "Re: Misleading sense of security in Netscape"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In message <387E245C.F279E367digsigtrust.com>, Craig Ruefenacht writes:
>It is well known throughout the Internet that the two most common
>protocols for reading email, POP3 (port 110) and IMAP (port 143), are
>sent in the clear over the network.
It's worth noting that many POP3 servers and clients support APOP
authentication, which eliminates the problem of the plaintext password going
over the wire. As best I can tell, Netscape's mail client doesn't give you
that choice.
--Steve Bellovin
- Next message: Max Vision: "Re: Anyone can take over virtually any domain on the net..."
- Previous message: Brian Mueller: "Re: Anyone can take over virtually any domain..."
- Maybe in reply to: Craig Ruefenacht: "Misleading sense of security in Netscape"
- Next in thread: Jefferson Ogata: "Re: Misleading sense of security in Netscape"
- Maybe reply: Steven M. Bellovin: "Re: Misleading sense of security in Netscape"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Mon Jan 17 2000 - 15:44:53 CST