I have squid 2.5 working with ldap authentication in a test environment. If I understand correctly what I have read in FAQ 23.1 when the username/password pair is passed from the user's browser to squid it is unencrypted and hence at risk of interception. To protect against this we are considering using SSL. My question about this is: Am I right in thinking that there is no way to encrypt just the username/password pair and that we will have to encrypt all traffic to squid to prevent the password details being read.
Thanks
Rick Barns
Received on Thu Mar 04 2004 - 08:51:35 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:01 MST