Amos Jeffries escreveu:
>
> One thing to be wary of is that NTLM hash strength is pretty much limited
> by the Windows releases involved. The older versions used by Win9x are
> hashes which are now trivially broken, none are completely secure. The
> latest windows releases have deprecated it in favor of the much more secure
> Kerberos (but that won't work with anything much older than XP and IE6).
>
>
supporting Win9x is not needed and, if i can do anything to really
dissallow those to browser, i will :)
basically my clients will be Win9x and Vista and Windows 2003/2008
servers as well. There's absolutely no chance of having Win9x on my
project, which seems to be good.
> There is also digest authentication, which is the IETF standard for secure
> authentication over HTTP. Some people actually use it too. And it works
> without needing windows or domain controllers.
>
>
having a domain controller is not a problem indeed. In fact i need
squid to use AD username and passwords. Anyway, i'll look for digest
authentication.
thanks for the answer and for the hints.
-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertrudes_at_solutti.com.br My SPAMTRAP, do not email itReceived on Wed Jun 03 2009 - 00:34:31 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 03 2009 - 12:00:02 MDT