Re: [squid-users] user/password privacy

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 16 Jun 2005 01:26:28 +0200 (CEST)

On Tue, 14 Jun 2005, kido wrote:

> I am using basic scheme to authenticate users. Is this method vulnerable to
> sniffers?

Yes.

> if so, is there another scheme which can protect privacy
> (encryption...)?

Yes, digest or NTLM.

digest is standard, but hard to integrate with authentication backends.

NTLM is Microsoft NT domain masqueraded over HTTP.

> what does "digest" scheme mean?

RFC2617 chapter 3 Digest Access Authentication Scheme

Regards
Henrik
Received on Wed Jun 15 2005 - 17:26:34 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:02 MDT