>Please excuse my ignorance. Would passwords be passed in clear text
using
>basic auth? Is there an authentication scheme that works without
clear text.
There are 3 types of auth supported in Squid:
1) Basic auth
- Works with virutally any browser
- Password is sent in clear text
- Password can be stored any number of ways (depending on helper)
2) Digest auth
- Works with most browsers
- Password is not sent cleartext
- Password must be stored in clear text
3) NTLM auth
- Works only with IE; Does not prompt for username/password
- Password is not sent cleartext
- Password is not stored cleartext
Quite frankly, if you can use NTLM auth, do it. That is the one feature
in IE that I wish other browsers would emulate.
Adam
Received on Thu Jul 10 2003 - 19:46:03 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:55 MST