"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes: > ... and because of this difficulty and the fact that NTLM uses cryptography > known to be insecure since 1995, there is often little interest in > implementing this support outside of libcurl. However, it would be > helpful if people who want to use it can still use it. This position was a bit surprising to me to come from you, but perhaps I am mixing up my recollection of your past work on this project with somebody else's? I somehow expected to hear something more like "if a less secure thing is cumbersome to implement, let it be, as that is better for the world". But I am OK to add less secure thing as long as it is an opt-in "easy way out". Everything else I read in the cover letter made sense to me. I just wanted to say that the above part was a bit surprising. Thanks.
