"pf" == Paul Ferguson <paul@hawksbill.sprintmrn.com> writes: pf> Does anyone know, on the off-chance, who is currently working on pf> HTTP authentication processes for web browsing and Mosiac? pf> Pointers appreciated. There is a www-security mailing list based at Rutgers (majordomo@nsmx.rutgers.edu; list name of www-security). From the introductory majordomo message: This list is intended for the discussion of World Wide Web security proposals, enhancements and issues. Ben Fried of Columbia posted to www-security some NCSA httpd/xmosaic patches to allow Kerberos 4 authentication. The University of Michigan is using these patches (with some bug fixes fed back to Ben) and a similarly patched lynx browser for authenticated web connections. I haven't looked at the code to know whether the network traffic is encrypted or not. michael