Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-28 Thread Oleg Kalnichevski
On Sun, 2021-11-28 at 16:46 +0100, Michael Osipov wrote: > On 2021-11-27 at 11:01, Oleg Kalnichevski wrote: > > On Fri, 2021-11-26 at 18:39 +0100, Michael Osipov wrote: > > > On 2021-11-23 at 20:14, Oleg Kalnichevski wrote: > > > > Folks > > > > > > > > Here's my proposal > > > > > > > >

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-28 Thread Michael Osipov
On 2021-11-27 at 11:01, Oleg Kalnichevski wrote: On Fri, 2021-11-26 at 18:39 +0100, Michael Osipov wrote: On 2021-11-23 at 20:14, Oleg Kalnichevski wrote: Folks Here's my proposal HttpClient 5.2: * Announce the plan to deprecate and eventually remove NTLM support and experimental SPNEGO /

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-28 Thread Michael Osipov
On 2021-11-27 at 19:55, larry mccay wrote: It is still unclear to me whether there is a security issue with using the existing Kerberos/SPNEGO implementation. Sorry if I am missing a clear message here. If you plan to use GSS-API, your code must comply with RFC 7546 to complete and trust the

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-27 Thread larry mccay
It is still unclear to me whether there is a security issue with using the existing Kerberos/SPNEGO implementation. Sorry if I am missing a clear message here. On Sat, Nov 27, 2021 at 5:02 AM Oleg Kalnichevski wrote: > On Fri, 2021-11-26 at 18:39 +0100, Michael Osipov wrote: > > Am 2021-11-23

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-27 Thread Oleg Kalnichevski
On Fri, 2021-11-26 at 18:39 +0100, Michael Osipov wrote: > On 2021-11-23 at 20:14, Oleg Kalnichevski wrote: > > Folks > > > > Here's my proposal > > > > HttpClient 5.2: > > > > * Announce the plan to deprecate and eventually remove NTLM support > > and experimental SPNEGO / Kerberos support >

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-26 Thread Michael Osipov
On 2021-11-23 at 20:14, Oleg Kalnichevski wrote: Folks Here's my proposal HttpClient 5.2: * Announce the plan to deprecate and eventually remove NTLM support and experimental SPNEGO / Kerberos support * Ask downstream projects to get in touch with us. Invite interested parties to

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-23 Thread Oleg Kalnichevski
Folks Here's my proposal HttpClient 5.2: * Announce the plan to deprecate and eventually remove NTLM support and experimental SPNEGO / Kerberos support * Ask downstream projects to get in touch with us. Invite interested parties to participate in Kerberos support improvements HttpClient 5.3:

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-21 Thread Michael Osipov
Karl, the discussion isn't about NTLM, but SPNEGO/Kerberos only. On 2021-11-21 at 01:22, Karl Wright wrote: This is not a security issue. The implementation of NTLM is just as secure as the Microsoft implementation. That's not terribly secure but that's inherent in their design. Karl On

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Karl Wright
This is not a security issue. The implementation of NTLM is just as secure as the Microsoft implementation. That's not terribly secure but that's inherent in their design. Karl On Sat, Nov 20, 2021 at 7:02 PM larry mccay wrote: > This is a concerning statement and I need some additional

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread larry mccay
This is a concerning statement and I need some additional information to determine what sort of risk is inherent in the current implementation. Perhaps we should take those details off list if this is a security issue. I'll need to determine whether there are any workarounds or usage patterns

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Michael Osipov
On 2021-11-20 at 20:46, larry mccay wrote: Hi - I am the Apache Knox PMC chair and a committer on Hadoop and other ecosystem projects. FYI, Apache Knox is indeed dependent on SPNEGO in httpclient. Knox is a Hadoop ecosystem gateway and as part of the trusted proxy or proxyuser pattern within

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread larry mccay
Hi - I am the Apache Knox PMC chair and a committer on Hadoop and other ecosystem projects. FYI, Apache Knox is indeed dependent on SPNEGO in httpclient. Knox is a Hadoop ecosystem gateway and as part of the trusted proxy or proxyuser pattern within Hadoop it requires all proxies that dispatch

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Michael Osipov
On 2021-11-20 at 19:35, Oleg Kalnichevski wrote: On Sat, 2021-11-20 at 12:25 -0500, Karl Wright wrote: These protocols are, unfortunately, still used. However, the projects I know that use them have not yet moved to 5.x of httpcomponents. Other projects I know of that used to use

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Michael Osipov
On 2021-11-20 at 18:25, Karl Wright wrote: These protocols are, unfortunately, still used. ManifoldCF, which does much integration with Windows systems, supports Kerberos but only in the most hacky way, because there wasn't anything more seamless available. I would therefore counter-propose

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Michael Osipov
On 2021-11-20 at 17:41, Oleg Kalnichevski wrote: Folks Presently NTLM & SPNEGO are stated as supported authentication schemes by the project, which is, quite frankly, not the case. There are partial implementations in various states of decay contributed some while ago by contributors long gone

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Oleg Kalnichevski
On Sat, 2021-11-20 at 12:25 -0500, Karl Wright wrote: > These protocols are, unfortunately, still used. > > However, the projects I know that use them have not yet moved to 5.x > of > httpcomponents. Other projects I know of that used to use > httpcomponents > have since upgraded to different

Re: Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Karl Wright
These protocols are, unfortunately, still used. However, the projects I know that use them have not yet moved to 5.x of httpcomponents. Other projects I know of that used to use httpcomponents have since upgraded to different http libraries that supported http 2.0 early on. The hint that all it

Gradual deprecation and removal of NTLM and SPNEGO support

2021-11-20 Thread Oleg Kalnichevski
Folks Presently NTLM & SPNEGO are stated as supported authentication schemes by the project, which is, quite frankly, not the case. There are partial implementations in various states of decay contributed some while ago by contributors long gone with no one on the project both capable and willing