[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: proxy authentication

To: "Howard Chu" <hyc@highlandsun.com>
Subject: RE: proxy authentication
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sun, 16 Jun 2002 17:44:34 -0700
Cc: <lukeh@PADL.COM>, <openldap-devel@OpenLDAP.org>
In-reply-to: <NMEFLNHODBAOPDKNNJALEEDDDBAA.hyc@highlandsun.com>
References: <5.1.0.14.0.20020616165651.0248d8c8@127.0.0.1>

At 05:06 PM 2002-06-16, Howard Chu wrote:
>> -----Original Message-----
>> From: owner-openldap-devel@OpenLDAP.org
>> [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of Kurt D. Zeilenga
>
>> At 04:54 PM 2002-06-16, Luke Howard wrote:
>>
>> >>This is basically the same as passing through the SASL
>> >>bind request/responses EXCEPT the authenticating server
>> >>knows it [is] doing [it] for the middle box and hence can prepare
>> >>a response which can be relayed to the end client.
>> >
>> >In what cases would this be necessary?
>>
>> Any mechanism with man-in-the-middle protection... e.g. DIGEST-MD5.
>
>No part of the DIGEST-MD5 exchange is dependent on the individual machines
>in the transaction.

digest-uri.

Kurt

References:
- Re: proxy authentication
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- RE: proxy authentication
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: RE: proxy authentication
Next by Date: RE: proxy authentication
Index(es):
- Chronological
- Thread