[squid-users] secure basic authentication from Emilio Casbas on 2006-01-18 (squid-users)

From: Emilio Casbas <ecasbas@dont-contact.us>
Date: Wed, 18 Jan 2006 12:33:30 +0100

Hi all

-basic authentication is insecure by nature.

-basic authentication + SSL only is secure in the logon, but
the stateless characteristic of HTTP , it will send the consecutive
sensitive headers
in clear text.

-Digest isn´t support ldap in this moment, it isn´t Single Sign On.

-NTLM isn´t a standard HTTP authentication scheme.

Then, which is the best method and secure to implement a basic proxy
authentication
in a proxy environment?.

Thanks in Advance.

-- 
Emilio Casbas

Received on Wed Jan 18 2006 - 04:33:41 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST