Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

authentication types

 
Steven Colley
Ranch Hand
Posts: 290
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi folks, again

I got the following sentences in HFSJ (page 648).

- DIGEST - "stronger"
- Client Cert - "Strong"


But some mocks i got that "CC" would be stronger than "DIGEST", because it�s encrypted and DIGEST only uses MD5 encode...

What is teh correct answer?

Tks.
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It wouldn't have occurred to me to compare the two in terms of strength, as they do different things. I wouldn't say "something is only MD5 encoded". MD5 is not an encoding, not even a cipher, but a hash. Once something has been run through MD5, the contents can not be recovered.

Maybe what's meant here is that the crypto method of digests (one-way) is stronger than the one used with CCs (which I think is based on encryption, and thus two-way). But I'd consider the authentication provided by CCs to be stronger than the one provided by a digested password.
 
Gab Buda
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If we put the things in their context, they say that "BASIC" is weak and "DIGEST" is stronger (compared to BASIC); they don't say "DIGEST" is the strongest of all. That's what I understood.

hope this helps
Gabb
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic