Re: transparent authentificton / encryption

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 09 Mar 2000 21:31:50 +0100

Yomler wrote:

> I am wondering if is possible to have a complete transparent
> authentification of my users, using SSLv3 with a certificate on the squid
> proxy and another certificate (trusted) for each of my users, in their
> navigators ?

Nope. HTTP does not define any authentication methods using SSL
certificates, and no browsers I know of supports proxying using a SSL
connection to the proxy.

> Is there any other ideas ?

* Use a browser which can save the password in a secure manner for later
sessions.

* Use ident for "authentication" (can be fooled by knowledgeable peole)

* Spend some time on getting NTLM authentication feature to Squid
working properly, to have Windows users automatically authenticated by
their login name to the Windows domain.

* Authenticate users by their IP address

* Accept that the user must enter their password every browsing session

* Don't bother with authentication.

--
Henrik Nordstrom
Squid hacker
Received on Fri Mar 10 2000 - 05:33:35 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:02 MST