Reputation: 21577
HTTP Auth over SSL secure?
we actually try to implement a secure way to get some local files over a webserver. as vpn can't be used, what do you think about http authentication over ssl and a e.g. php script, that serves a local fie based on an extra api hash-key?
is http authentication over ssl secure?
thanks!
Upvotes: 0
Views: 123
Answers (1)
Reputation: 14223
Secure is a very subjective word, and needs to be factored against the motivation and/or resources of a would-be attacker. If what you're doing is unlikely to attract the attention of a motivated organisation with plenty of computing resources, the answer is probably, based on sensible selection of key size, algorithms, etc.
The biggest risk to the security of anything over SSL is probably keeping your private key private. :)
Upvotes: 1
Related Questions
- Should I hash the password before sending it to the server side?
- HTTP basic authentication over SSL for REST API
- Is username and password in HTTPS URL secure?
- Is this simple REST authentication scheme secure?
- Is SSL enough for protecting a request and its headers?
- SSL - Hash Password or Not
- HTTP basic auth over SSL
- Using hash of password with SSL
- Is basic auth with SSL secure enough?
- How do I secure authentication but not the payload?