A combonation of IP restriction and basic authentication over SSL, while not
ideal, would probably be better than most alternatives I can think of.
Josh Hoover
KnowledgeStorm, Inc.
[EMAIL PROTECTED]
Searching for a new IT solution for your company? Need to improve your
product marketing?
Visit KnowledgeStorm at www.knowledgestorm.com to learn how we can simplify
the process for you.
KnowledgeStorm - Your IT Search Starts Here
> SSL avoids the problem of someone sniffing the plain text data. We
> still have the problem: what data do we send? Anyone can forge
> credentials and send them over SSL. How does B know it came
> from A? I'm
> thinking of some key exchange method, but portability between the
> Microsoft and UNIX worlds makes this even trickier.
>
> --
> Bill Lubanovic
> Mad Scheme Limited
