"One of the most common kinds of access control for secure web servers is Basic Authentication, in which a login and password are required. Access controls can apply to part or all of a web site. The restricted area is called the "authorization realm." Even though Basic Authentication is the most common kind of access control, it is not the most secure. The most secure kind of access control is Client Authentication."

"Client Authentication uses client certificates installed in users' web browsers or other client applications (clients) to authenticate users, and only lets clients with the right client certificates into the authorization realm. (In this article, an authorization realm with client authentication will be called a "Client Authentication Realm.")"

Complete Story

Related Stories:
Installing a secure web server(Dec 11, 2000)
VNU Net: Weak Security Found in Many Web Servers(Sep 07, 2000)
PRN: Covalent Adopts RSA Security Products for Apache Web Server Solutions(Jul 14, 2000)
DevShed: The Soothingly Seamless Setup of Apache, SSL, MySQL, and PHP(Jun 09, 2000)
RootPrompt.org: Can IPv6 replace SSL?(May 30, 2000)