public marks

PUBLIC MARKS from nhoizey with tags sso & réseau

25 October 2007 09:30

NTLM HTTP Authentication is insecure by design

This write-up discusses a problem inherent to the situation of a connection-oriented authentication - authorization protocol (e.g. NTLM authentication) used with a proxy server that shares TCP connections among several clients

The NTLM Authentication Protocol

This article seeks to describe NTLM at an intermediate to advanced level of detail, suitable as a reference for implementors.