|
|
|
|
|
|
by insanitybit
921 days ago
|
|
|
> This is, at best, security through obscurity, which can be layered on any network protocol (e.g. https://en.wikipedia.org/wiki/Port_knocking); this implies that the authors don't have much of a security background...? This isn't security through obscurity. The url would be a secret. This is a form of capability security, where to connect to the server you must be able to name the server. A URL with a secret is, in my opinion, far more sane than port knocking, and will be much more efficient as well. > (i.e. https://security.stackexchange.com/questions/148292/why-is-o...) Your link doesn't support your statement at all. No one there answers "here's why oid is less secure", they say the opposite. |
|
|