RE: Proxy authentication with Negotiate uses wrong host
From: Bert Huijben <bert_at_qqmail.nl>
Date: Wed, 24 Aug 2011 11:52:45 +0200
> -----Original Message-----
The Subversion parts of this code were written when neon only supported NTLM via Negotiate. NTLM is known to be insecure when not used over https.
Then somebody added Kerberos support to neon, but the api wasn't updated to allow different behavior for the specific implementations.
As Stefan already noted: this discussion belongs on the neon mailinglist. Once neon supports the necessary hooks/apis to enable Negotiate for the secure protocols we can enable them in Subversion.
@serf developers: This should probably be handled in serf too.
This is an archived mail posted to the Subversion Dev mailing list.