On Sunday 24 February 2002 04:15, Robert Collins wrote:
> As for handing the negotiate packet to the helper, we're actually
> considering giving the helper less, not more. The windbindd helper
> opens the door to allowing squid generated challenges, which means
> much more efficient processing, and less complex internal
> structures, but on the down side needs more smarts. So we're
> looking at a protocol v4 in the next release anyway.
From a security perspective I would prefer if the challenge was
generated outside of Squid. I do not want Squid to require the needed
permissions to get into said "secure channel".
I am pretty sure the winbind people agrees on this principle.
There is reasons to why the endpoints needs to be authenticated to
perform such type of authentication. Nothing major, but still...
Regards
Henrik
Received on Sat Feb 23 2002 - 21:31:19 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:48 MST