[bind10-dev] Security Mechanism for Cmdctl and Bindctl

Jeremy C. Reed jreed at isc.org
Mon Jun 14 14:37:31 UTC 2010


On Mon, 14 Jun 2010, Francis Dupont wrote:

> > BTW: Jeremy, I plan to send the password in plaintext, instead the way of
> > Digest access authentication. Some comments about it?
> 
> => "password in plaintext" is not suitable for a security mechanism.

Francis: I believe this means it is using HTTP/1.0 Authentication 
instead of RFC 2069 Digest Access Authentication. Either way, it is sent 
via SSL. Any thoughts on if plain text auth over SSL is not suitable?



More information about the bind10-dev mailing list