[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Fwd: [Bug 23679] NTLM auth for HTTP]



Good news, mozilla >= 1.6 will probably support NTLM on all platforms.

-----Forwarded Message-----
From: bugzilla-daemon mozilla org
To: rms 1407 org
Subject: [Bug 23679] NTLM auth for HTTP
Date: Mon, 17 Nov 2003 19:13:56 -0800

http://bugzilla.mozilla.org/show_bug.cgi?id=23679


darin meer net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  BugsThisDependsOn|                            |224653
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From darin meer net  2003-11-17 19:12 -------
this bug is fixed.  see bug 224653 for details.  here's a quick summary:

  o  starting with mozilla 1.6 beta, it should be possible to connect using NTLM 
     authentication on all platforms.  note: NTLM is currently only supported 
     for HTTP or HTTPS.

  o  it is not supported when FIPS mode is enabled (because it uses MD4).

  o  the SSPI based WIN32 implementation has been dropped in favor of the new
     cross-platform implementation.  we had too many bugs with SSPI crashing on
     older machines.  if possible, i'd therefore like to avoid SSPI altogether.
     however, i'm willing to entertain the possibility of adding it back under
     certain conditions if it proves valuable.

  o  the new implementation attempts to negotiate the preferred NTLM2 session
     key mode whenever the server supports it.  this improves security.

  o  as with the previous SSPI based implementation, mozilla does not 
     automatically send username, password, and domain (based on the user's
     WINNT logon) since we feel that that is a security risk.  in a future
     version we may eliminate this restriction for proxy authentication.
-- 
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?

Please AVOID sending me WORD, EXCEL or POWERPOINT attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]