Secure Content (2/3)
- Pro: Immediately deployable
- Uses Helper application or plug-in support to view secure content as a MIME-type
- Con: Can't substitute for application layer security
- Can't authenticate or challenge servers within HTTP
- Can't exploit HTTP session properties (session keys, nonces)
Rohit Khare