Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Este fío arquivouse. Faga unha nova pregunta se precisa axuda.

How do I use SSL for authentication without encryption?

  • 2 respostas
  • 1 has this problem
  • 7 views
  • Last reply by cor-el

QRST
QRST
more options

I need to access remote computers using a link where encryption is prohibited. I want to use SSL to authenticate the connection - a permitted function - without encryption. The application relates to Amateur Radio (AR). In the USA under FCC Part 97 rules, those that govern AR, encrypted traffic is not allowed. Absent the functionality of authentication without encryption, this means that logins and passwords have to be sent over a radio connection in clear, with all of the problems that that situation can cause.

There is a VERY old version of the browser "Opera" that supports authentication without encryption, but I would rather use Firefox and I doubt I need to explain to anyone why using a current version of a browser is a good idea.

There are over 700,000 people in the USA who hold AR licences issued by the FCC, so this feature might be useful to more users than you might imagine.

I need to access remote computers using a link where encryption is prohibited. I want to use SSL to authenticate the connection - a permitted function - without encryption. The application relates to Amateur Radio (AR). In the USA under FCC Part 97 rules, those that govern AR, encrypted traffic is not allowed. Absent the functionality of authentication without encryption, this means that logins and passwords have to be sent over a radio connection in clear, with all of the problems that that situation can cause. There is a VERY old version of the browser "Opera" that supports authentication without encryption, but I would rather use Firefox and I doubt I need to explain to anyone why using a current version of a browser is a good idea. There are over 700,000 people in the USA who hold AR licences issued by the FCC, so this feature might be useful to more users than you might imagine.

All Replies (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

If I understand what you're saying, you want to use an alternate method of allowing the website to authenticate you, in place of a username and password*. This is different than you authenticating the site purporting to be the site you want to access, which currently is only possible using an encrypted session.

If this page is current, then it's not possible in Firefox:

http://www.hamwan.org/t/SSL+without+Encryption

You could consider filing a "bug": https://bugzilla.mozilla.org/

* As far as I know, you cannot submit a username and password to a site securely without encryption. Whether the site uses "basic" authentication or an HTML form, you would need encrypted transmission to avoid submitting the login in the clear.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

See also:

  • bug 799007 - Remove support for low/weak/null cipher suites