This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Which of the following are correct about HTTP basic authentication mechanism? I took: Password is passed in encrypted form. Right answer: Password is passed as plain text. Explanation:Basic Authentication is not a secure authentication protocol. User passwords are sent in simple base64 encoding, and the target server is not authenticated. I think: base64 might be not secure but it is an encryption mechanism. Am I missing something? Axel [ February 28, 2002: Message edited by: Axel Janssen ]
Base64 encoding is not exactly an encryption. It's a conversion from ASCII format to Base64 format(as good as ASCII to say EBCDIC). You would not say that ASCII and EBCDIC are encryption mechanisms. Would you Just like ASCII represents A by 65, Base64 represents it by 0. For more info: http://www.faqs.org/rfcs/rfc1521.html