Subj : WEB Access BBSes
To   : Andy Ball
From : Stephen Hurd
Date : Mon Oct 25 2004 04:40 pm

  Re: WEB Access BBSes
  By: Andy Ball to Michel Samson on Sun Oct 24 2004 19:58:46

 > Telnet sends your password, everything that the remote system sends for disp
 > on your screen and everything that you type, to and from the remote host in
 > unencrypted clear text. How is this any more secure than an unencrypted HTTP
 > connection?
 > 
 > A Web interface to a BBS could also be made less insecure by making use of S
 > and HTTPS.  A text-based BBS could be made less insecure by enabling SSH and
 > disabling Telnet.

I'm also planning on added digest auth support for Synchronets web server...
which does not require the uid/pw to be transmitted in the clear.
--- SBBSecho 2.10-FreeBSD
 * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)

.