Security of HTTP based authentication
tom at eborcom.com
Thu Jan 13 20:25:29 GMT 2011
On Thu, Jan 13, 2011 at 07:29:33PM +0000, Alexander Clouter wrote:
[Lots of good advice snipped]
> I personally would just HTTPS *everything*, the solution is in making
> your website cache friendly.
I don't understand this, given that nothing should cache HTTPS
responses. Using HTTPS and cache friendliness seem like two
contradictory goals to me.
For a more modern, improved service by the same author, see
More information about the london.pm