An authentication question
Adam Fields
fields at surgam.net
Mon Aug 5 16:12:30 EDT 2002
If you were going to open up an interface to allow known parties to
upload files to you via web form submission, would you want to 1)
distribute passwords to them and let them sign in to a page where they
could upload the files over SSL, or 2) allow anyone to upload files
and require that authorized parties sign (and/or encrypt) the files
before uploading them, rejecting any that weren't signed with a valid
key?
Are these two scenarios equivalent from a security standpoint?
--
- Adam
-----
Adam Fields, Managing Partner, fields at surgam.net
Surgam, Inc. is a technology consulting firm with strong background in
delivering scalable and robust enterprise web and IT applications.
Ask about Vignette maximization: http://www.surgam.net/vignette.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list