On Thu, 2008-02-28 at 09:03 -0600, Cathy L Kegley wrote: > Hi Oleg, > > Microsoft recently released a bunch of open protocol specification on > MSDN. NTLM is included in that. These are the specs I have been > looking at: > > http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a657e5900cd3/%5BMS-NLMP%5D.pdf > http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a657e5900cd3/%5BMS-NTHT%5D.pdf > > Does this ease any of the legal implications for Apache? >
Yes, this does sound very encouraging, but someone from the legal team would still have to look at the documents and give us a formal okay. And we would still need to find a volunteer prepared to take on a "clean room" implementation of the spec. Oleg > > Cathy Kegley > > > Lotus Expeditor Runtime Development > 512.838.1229 (T/L: 678.1229) > [EMAIL PROTECTED] > > Inactive hide details for Oleg Kalnichevski ---02/28/2008 04:40:55 > AM---On Wed, 2008-02-27 at 15:18 -0800, [EMAIL PROTECTED] wOleg > Kalnichevski ---02/28/2008 04:40:55 AM---On Wed, 2008-02-27 at 15:18 > -0800, [EMAIL PROTECTED] wrote: > > > From: > > Oleg Kalnichevski > <[EMAIL PROTECTED]> > > To: > > Cathy L Kegley/Austin/[EMAIL PROTECTED] > > Cc: > > HttpComponents Project > <dev@hc.apache.org> > > Date: > > 02/28/2008 04:40 AM > > Subject: > > Re: NTLMv2 in Apache HttpClient > > > ______________________________________________________________________ > > > > > On Wed, 2008-02-27 at 15:18 -0800, [EMAIL PROTECTED] wrote: > > Hi Oleg, > > > > Hi Cathy > > > I am investigating what it would take to add NTLMv2 support to the > Apache HttpClient as well as integrated Windows authentication for > both NTLMv1 and v2. I have seen your name on numerous messages in the > forum regarding NTLM, so thought I write you. Is this support > something you would be interested to see contributed back to the > HttpClient? What are the restrictions on this? > > > > Absolutely. We would love to see a better support for NTLMv2 in > HttpClient. However, we cannot accept any code unless we are > absolutely > sure (1) it can be licensed or re-licensed under ASLv2 and (2) it does > not infringe on any Microsoft patents. The latter condition pretty > much > implies some company with close ties to Microsoft and lots of legal > muscles going into the trouble of taking this issue up directly with > Microsoft. > > Exactly for the above stated reasons we would like to use an external > library for the NTLM support to be free of having to deal with all > these > legal troubles. > > > I saw on the NTLM FAQ page that the use of jCIFS is currently under > investigation for licensing issues. Has anything more come of that? > > > > No, it has not. No one volunteered so far to do all the leg work. > > > Are there any plans to add support for NTLMv2 or the integrated > Windows authentication in the near future? > > > > Currently not a single active committer on the project expressed any > interest in working on it in the foreseeable future. So, essentially > we > are waiting for some external contributor to turn up with a solution > "scratching his/her own itch", so to speak. > > Oleg > > PS: I am sending a copy of this message to the HttpComponents dev list > to keep the rest of the team in the loop. It would be really great if > you subscribed to the list, should you be interested in discussing the > subject further. > > http://hc.apache.org/mail-lists.html > > > Thanks. > > Cathy Kegley > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
