Re: [SQU] Secure Authentication

From: Robert Collins <[email protected]>
Date: Sat, 9 Sep 2000 08:37:37 +1100

All I can say is that it's working for everyone whos tried it!

Seriously we _need_ some brave souls who are willing to try it in their
environments (in a test basis). Feedback from users is what will move it
from development to production.

For the record Francesco (kinkie) is running some absurdly large number of
users (kinkie _how many was it?_) off the 'fake' squid NTLM code.

Rob

----- Original Message -----
From: "Ounsted, Toby" <ounstt@kivo.com>
To: <squid-users@ircache.net>
Sent: Saturday, September 09, 2000 12:09 AM
Subject: RE: [SQU] Secure Authentication

> Can anyone give an update on how well the NTLM stuff is going? I read the
> announcement at the end of August about it's availability but have held
back
> whilst it's classified as 'development' rather than 'production'. I ran
> Squid very happily in my previous job but have had to hold back so far in
> this one as NT Authentication is a prerequisite for a proxy service
(Bah!).
>
>
> Thanks,
>
> Toby.
>
> -----Original Message-----
> From: Chemolli Francesco (USI) [mailto:ChemolliF@GruppoCredit.it]
> Sent: 08 September 2000 07:58
> To: 'Henrik Nordstrom'; Byron Peterson
> Cc: squid-users@ircache.net
> Subject: RE: [SQU] Secure Authentication
>
> > Byron Peterson wrote:
> > >
> > > Are there any ways to do proxy authentication securely?
> >
> > If you are talking about not sending the login+password in plain text:
> >
> > Sponsor implementing digest authentication in Squid, and then
> > make sure
> > the users are using browser versions which are new enought to support
> > it..
>
> In this respect, the NTLM project is sort-of-secure, as the client-squid
> protocol uses a challenge-response system. It only works with Internet
> Exploder of course. Check the ntlm-devel-projects. There are plans
> to extend it to support digest authentication, but first we want
> to get NTLM right.
>
> --
> /kinkie
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Fri Sep 08 2000 - 15:44:33 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:14 MST