On Wed, Jan 28, 2009 at 7:18 AM, André Warnier <aw@xxxxxxxxxx> wrote: > Anyway, the OP did not sound like he was talking about an access to Fort > Knox, although you never know.. Oh shoot! Now you've blown my cover! =J Man in the middle is what it is, I'm not really that concerned about it because I'm not dealing with anything too critical. I just want to provide some fairly robust security for a handful of users. I've got a lot to work with from this conversation, which is good. Ultimately, I'm going to leave it up to users whether or not they want to connect with HTTPS, and make it clear that this is the only way to really secure the session and data. Thanks again, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://pgp.mit.edu/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx