Hacker News new | past | comments | ask | show | jobs | submit login

Also, both SSH and HTTP have defined authentication mechanisms built into the protocol.

The HTTP spec has a response code, 403, for indicating that a request (potentially without authentication information) is unauthorized. SSH has a similar defined response.

If there's _no authentication around it_, I would argue that it's published to the public web, regardless of the protocol in use to deliver it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: