[imp] encrypt login only?

Issac Goldstand margol at beamartyr.net
Tue Mar 23 00:58:44 PST 2004


----- Original Message ----- 
From: "Eric Rostetter" <eric.rostetter at physics.utexas.edu>
To: "Peter Horst" <phorst at ointment.org>
Cc: <imp at lists.horde.org>
Sent: Monday, March 22, 2004 7:14 PM
Subject: Re: [imp] encrypt login only?


> Quoting Peter Horst <phorst at ointment.org>:
>
> > Is it currently possible only to encrypt the login phase of an IMP
> > session?
>
> Yes.  Just have your web server redirect the login pages to https: pages.
> Make sure you cover any other spots you might need (if you install passwd
> module, or use signup process, etc).
>

But how do you redirect back out?  Or do you mean set up a global rewrite
from https-->http except for the login.php and redirect.php (which actually
handles the login, so must be https) and other such pages, in which you do
the poposite?


> > I just want to protect passwords, not content. If this is not
> > currently possible, at what level would this facility logically be
> > offered, Horde, IMP, or web server (if that's a meaningful question)?
>
> Web server level.
>
> > I'm using the latest stable Horde/IMP and Apache 1.3.29 with mod_ssl.
> > Thanks,
> >
> > Peter
> >
> > --
> > But our concepts are only of what has degenerated and been repaired; of
> > childhood, of innocence we have no idea.
> >  -- Hölderlin, "Hyperion"
> > --
> > IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
> > Frequently Asked Questions: http://horde.org/faq/
> > To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
>
>
> --
> Eric Rostetter
> The Department of Physics
> The University of Texas at Austin
>
> Why get even? Get odd!
>
> -- 
> IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>



More information about the imp mailing list