Am 25.09.2012 10:25, schrieb Mike Gabriel: > Hi, > > On Di 25 Sep 2012 05:08:19 CEST glpk xypron wrote: > >> I am not aware of proxies being contacted over https. > > Hmmm... this indeed is true... The feature will mostly be an > inside-to-outside connection. Hmmm... To get it clear, would we send > http-proxy authentication strings in cleartext to the proxy server or > would we send the remote X2Go server credentials to the proxy in cleartext.
only proxy server authentication is in clear text. However, many setups have the same authentication for proxy-users as for system-users. Often such authentication is performed over central LDAP-Server. Sure, it is a fail of system administrator, if he allow such unecrypted authentication over Internet. But I don't even give them a possibility to make such mistake... > Sending proxy auth in cleartext probably is common practice (?). Most > proxy setups do not even need an auth-against-the-proxy. > > This feature clearly needs a good documentation so that we do not false > security alarms on the mailing lists!!! > > Mike > > Alex -- Oleksandr Shneyder Dipl. Informatik X2go Core Developer Team email: [email protected] web: www.obviously-nice.de --> X2go - everywhere@home
signature.asc
Description: OpenPGP digital signature
_______________________________________________ X2Go-Dev mailing list [email protected] https://lists.berlios.de/mailman/listinfo/x2go-dev
