[cvsnt] Re: cross-platform SSPI/NTLM implementation for CVSNT?
Oliver Giesen
ogware at gmx.net
Wed Nov 19 12:04:40 GMT 2003
Tony Hoyle wrote:
> It's not really worth it - there's no encryption, for example. I did
> play around with NTLM on Unix a year or so ago, but ditched it as all
> the implementations around then were NTLMv1 (which is about as secure
> as pserver). A full NTLM implementation needs something like samba
> (you should be able to join domains, for example).
>From the quick glance I've had at the various documents I mentioned it
seems the implementation is NTLM2 and authenticating against domains is
possible as well. They also mention that this is about the only way to
accomplish secure authentication from Win9x clients where the
MS-supplied SSPI API is basically useless.
You probably got a point concerning encryption I guess but I could be
wrong. As I said I only had a very quick glance as I don't really
understand even half of the details.
Cheers,
--
Oliver
---- ------------------
JID: ogiesen at jabber.org
ICQ: 18777742 (http://wwp.icq.com/18777742)
More information about the cvsnt
mailing list