RE: [pmm-cms-developers] V2 Status - March 22, 2005

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

<FONT face=3D"Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size=
=3D2><div>Hello,</div><DIV>&nbsp;</DIV><DIV>Yes, I believe when I talked to=
 Professor Horn about htaccess before</DIV><DIV>(correct me if I'm wrong) t=
hat he said with htaccess the password is</DIV><DIV>sent in the clear.&nbsp=
; But, he mentioned to me that besides that problem,</DIV><DIV>which would =
only be detected when the password is typed and if </DIV><DIV>someone was u=
sing a&nbsp;program like Ethereal, that it is unhackable.&nbsp; Like,</DIV>=
<DIV>for example, the hidden .htaccess, .htgroup, .htpasswd, are not</DIV><=
DIV>accessible directly from the web (by typing in their file name) and the=
</DIV><DIV>password that is stored in the .htpasswd file is encrypted, so i=
t is safe.</DIV><DIV>It is an OK way to quickly keep a directory restricted=
, but SSL, from</DIV><DIV>what I am learning about it would be better.&nbsp=
; Mike, isn't SSL open?</DIV><DIV>And if so, then why would&nbsp;the statio=
ns even&nbsp;have to buy it?&nbsp; That </DIV><DIV>doesn't make sense to me=
.&nbsp; Isn't installing SSL on a server just like</DIV><DIV>installing PHP=
, MySQL and Apache?&nbsp; Those are required for this project</DIV><DIV>(an=
d others), so adding SSL should not be a problem, I wouldn't think.</DIV><D=
IV>It would be just like the PHP, MySQL and Apache requirement - pretty</DI=
V><DIV>necessary for security.</DIV><DIV>&nbsp;</DIV><DIV>- Patty -</DIV></=
FONT>=