On Wed, 2 Nov 2011 15:52:05 +0200, Oguz Yilmaz wrote:
> --
> Oguz YILMAZ
>
>
>
> On Wed, Nov 2, 2011 at 1:44 AM, Amos Jeffries <squid3_at_treenet.co.nz>
> wrote:
<snip>
>>
>> Firstly and most preferred is to move to Negotiate/Kerberos
>> authentication.
>> It is more than twice as efficient as NTLM and offers modern
>> security
>> algorithms for much higher security.
>>
>>
>
> Does Negotiate/Kerberos auth support transparent authentication for
> client browsers? What is the replacement for ntlm challenge/response?
Operationally Kerberos is essentially an updated version of NTLM. It
has all the same features and uses as NTLMv2. The differences are most
in the administrative side, with different tools to manage it.
>
> Is this the right page to start?:
> http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
Yes.
Amos
Received on Wed Nov 02 2011 - 21:38:28 MDT
This archive was generated by hypermail 2.2.0 : Thu Nov 03 2011 - 12:00:02 MDT