From new-httpd-return-3238-apmail-new-httpd-archive=apache.org@apache.org Tue May 02 17:19:34 2000 Return-Path: Delivered-To: apmail-new-httpd-archive@apache.org Received: (qmail 55344 invoked by uid 500); 2 May 2000 17:19:34 -0000 Mailing-List: contact new-httpd-help@apache.org; run by ezmlm Precedence: bulk X-No-Archive: yes Reply-To: new-httpd@apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list new-httpd@apache.org Received: (qmail 55333 invoked from network); 2 May 2000 17:19:33 -0000 Message-ID: <012901bfb45a$fca48540$c1e01b09@raleigh.ibm.com> From: "Bill Stoddard" To: References: <000201bfb445$a00af900$345985d0@corecomm.net> Subject: Re: Announce: NTLM authentication module Date: Tue, 2 May 2000 13:22:26 -0400 Organization: IBM Corp. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N Isn't challenge/response somewhat like digest authentication? How prevalent is it used? Does it work with browsers other than IE? Bill ----- Original Message ----- From: William A. Rowe, Jr. I don't know that it is isn't beyond the scope of the Apache project to offer NT challenge/response in the core distribution, now that I look at the deeply embedded issues. That isn't to say I don't support integrated NT user authentication (I do), for the Win32 build, and perhaps later implement kerbos passthrough authentication, but I'm really looking at this from the 'features' side. NT internal authentication mirrors what can be accomplished on Unix with native Unix features. Challenge/Response is a client protocol, proprietary and MS specific, that if implemented, must be supported on all platforms. I'm looking at this as an valueable alternative to the NT server. Perhaps some Unix developers can shed their thoughts on the challenge response argument. Bill