wrowe at rowe-clan
Apr 4, 2012, 12:28 AM
On 3/30/2012 1:56 AM, Dami Laurent (PJ) wrote:
>> -----Message d'origine-----
>> De : André Warnier [mailto:aw [at] ice-sa]
>>> I was considering forking the module and fixing bugs like these, but I
>>> am not quite sure how much sense that makes given the fact that NTLM is
>>> deprecated technology.
>> Huh ? Who said that ? To my knowledge, 99% of large corporations use NTLM
>> (Windows Domain
>> Authentication) as their basic AAA mechanism.
Well, NTLM was DoA. It is isn't HTTP compatible (0.9, 1.0 or 1.1). HTTP is stateless, MS
NTLM presumes a stateful connection.
> For the future, the way to go is Kerberos; this is what Microsoft is pushing in replacement for NTLM.