Re: [squid-users] Re: Difference between basic authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 29 Oct 2005 23:09:11 +0200 (CEST)

On Sat, 29 Oct 2005, Christoph Haas wrote:

> Do you have any pointers? We currently run basic authentication with an
> LDAP backend. And since we'd rather like something less plaintext but no
> Microsoft crap (at least at this level) this sounds like a good solution.
> But I didn't know of anything else than Basic and NTLM yet. I'd be
> interested.

Digest authentication is a standard HTTP authentication scheme (unlike
NTLM) and documented in RFC2617 together with the Basic HTTP
authentication scheme.

Digest requires the passwords to be stored either in plain-text (or
reversibly encrypted), or hashed specifically for Digest authentication
(including the realm used). On the wire relatively secure one-time hashes
are exchanged.

Digest authentication is supported in all major browsers, even if the MSIE
support seems rather poor (but it is at least functional to the minimum
required level).

Regards
Henrik
Received on Sat Oct 29 2005 - 15:09:15 MDT
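
The realm-bound stored hash and the per-nonce hash sent on the wire, as described in the message above, shown as an added example that is not part of the original post. The sample credentials and header fields are the example values from RFC 2617 section 3.5; the function names are chosen here for illustration.

```python
import hashlib
import hmac


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def make_ha1(username: str, realm: str, password: str) -> str:
    """What the server stores instead of the plain-text password.
    The realm is part of the hash, so it is only valid for that realm,
    but within that realm it is password-equivalent and must be protected."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    """The one-time value sent on the wire (RFC 2617, qop=auth)."""
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def verify(stored_ha1, fields, method, issued_nonce):
    """Server-side check using only the stored HA1, never the password."""
    if fields["nonce"] != issued_nonce:
        return False  # response was computed for a nonce we did not issue
    expected = digest_response(stored_ha1, method, fields["uri"],
                               fields["nonce"], fields["nc"],
                               fields["cnonce"], fields["qop"])
    return hmac.compare_digest(expected, fields["response"])


# Example values from RFC 2617 section 3.5 (not from the original post).
STORED_HA1 = make_ha1("Mufasa", "testrealm@host.com", "Circle Of Life")
RFC_FIELDS = {
    "uri": "/dir/index.html",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "nc": "00000001",
    "cnonce": "0a4f113b",
    "qop": "auth",
    "response": "6629fae49393a05397450978507c4ef1",
}

if __name__ == "__main__":
    print("accepted:", verify(STORED_HA1, RFC_FIELDS, "GET", RFC_FIELDS["nonce"]))
    print("replayed against a new nonce:",
          verify(STORED_HA1, RFC_FIELDS, "GET", "constructed-fresh-nonce"))
```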
