Re: [squid-users] NT authentication with squid proxy

From: Henrik Nordstrom <>
Date: Wed, 14 Nov 2001 17:47:50 +0100

On Wednesday 14 November 2001 16.37, Raymond Jacob wrote:

> thank you for your reply. I do appologize for being so dense
> but could you further elaborate on:
> > It is only HTTP proxies following the HTTP specifications it dislikes.

The NTLM authentication scheme is designed in such way that it collides with
connection management requirements in HTTP proxies put out by the HTTP

What this means is basically that any HTTP proxy designed to follow the
HTTP specification cannot proxy requests for NTLM authenticated content.

The NTLM authentication scheme is designed to be used on a local LAN only.
Use over the Internet is both stupid and very dangerous as it may reveal
information about your LAN account.

Henrik Nordström
Squid Hacker
Received on Wed Nov 14 2001 - 09:47:27 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:12 MST