[geeklog-devel] Atom publishing
dirk at haun-online.de
Fri May 30 01:56:30 EDT 2008
Ramnath R Iyer wrote:
>On Thursday 29 May 2008 22:30:42 Vincent Furia wrote:
>> You have to trust the website owner. With the any method of encryption
>> that we're talking about, whether one way hash or AES, it is trivial for
>> the owner of a website get your password.
>I could send my password to Yahoo trusting that the password won't be
>intercepted and stored, but I wouldn't want some random Yahoo employee who
>has access to the db to know my password.
I'd say you're both right. You will have to trust the website owner to
some extent, but we should at least protect sensitive information
against accidental disclosure.
More information about the geeklog-devel