Re: [squid-users] question about secure proxy authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 06 Dec 2001 01:08:05 +0100

Lista Squid wrote:

> Does anybody know how can I replace this method with something more secure?
> If you have some kind of recommendation... let me know ...

Only if you have access to the browser sources, which I doubt you have..

HTTP seriously lacks in secure authentication methods. The best standard
method is digest authentication, but as you noted it is not yet widely
supported. But even digest authentication are by many people not
considered very secure..

If using MS browsers then using NTLM authentication may be an option.

And you can ofcourse support more than one method in parallell if you
like, so people with modern browsers supporting digest authentication
will get that, while people with old browsers will continue to use basic
authentication (plain text).

Regards
Henrik Nordström
Squid Hacker
Received on Wed Dec 05 2001 - 17:41:11 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:14 MST