[squid-users] One Time Password with squid, exists?
Amos Jeffries
squid3 at treenet.co.nz
Thu Mar 12 02:01:33 UTC 2015
On 12/03/2015 2:50 p.m., Eliezer Croitoru wrote:
> Hey List,
>
> I was wondering about if OTP was ever implemented officially with squid?
To answer that you need to define OTP.
* Basic is the only scheme which delivers a password. So technically the
others are all one-use-password schemes already.
* Digest with nonce count 1 is a one-time-token scheme at the message level.
* Negotiate and NTLM are one-time-token schemes at the TCP connection level.
* Basic auth can be one-time-token but requires supporting logic to be
implemented in the clients, server, and a token asignment mechanism. Its
easier to just use Digest in most cases.
Amos
More information about the squid-users
mailing list