RE: Proxy authentication with Negotiate uses wrong host
From: Greg Hudson <ghudson_at_MIT.EDU>
Date: Wed, 24 Aug 2011 07:28:37 -0400
On Wed, 2011-08-24 at 05:52 -0400, Bert Huijben wrote:
Kerberos via HTTP negotiate is also insecure when not used over HTTPS.
(Also, negotiate auth does no channel binding, which means Kerberos
|
This is an archived mail posted to the Subversion Users mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.