"TEXT 1"="Allow WebDAV to use Basic Authentication"
"DESCRIPTION 1"="Windows XP includes a component to access servers using WebDAV. WebDAV is a protocol to allow file access (read, write, copy, delete etc.) using HTTP that is normally only used to transport HTML files. With WebDAV you can use a server like you would with file shares (\\myserver\the_share) but instead of SMB it will use HTTP to transport the data."
"DESCRIPTION 2"="WebDAV is usually used for road worriers that are behind a firewall that will only allow HTTP so SMB access to a server would normally fail. With WebDAV these persons can work with the server as if they are sitting inside the company."
"DESCRIPTION 3"="However, since the password you login to a WebDAV server is the same as you use to login into the corporate network. Normally WebDAV can also use Basic Authentication which simply means: Send the password unencrypted to the server. This can be a huge security risk since the corporate network password would be transmitted unencrypted through the internet and maybe somebody will catch it."
"DESCRIPTION 4"="Because of this, beginning with Windows XP SP2, Microsoft has disallowed the WebDAV client to use Basic Authentication (transmit password unencrypted). If you have secured the access to the WebDAV Server in other ways (for example using a VPN) you might simply turn this feature on again."
"AUTHOR"="Xteq Systems"
"CONTACTURL"="http://www.x-setup.com/"
"COPYRIGHT"="Copyright ⌐ Xteq Systems - All Rights Reserved"
"COMMENT 1"="Win XP SP2 Release Notes: Disabling Basic Authentication over a clear channel"
