On Sat, 2006-12-16 at 21:21 -0500, Brian J. Murrell wrote: > > Probably, a helper supporting this native KRB5 blob is ideal, It has further occurred to me, that ntlm_auth *has* to be the helper that supports this native KRB5 Negotiate goop, unless one can ensure that no AD authenticating windows clients will be part of the network. I wonder what the chances any normal office type setting can make that guarantee? Does not wanting to use an MS server for the authentication really preclude the use of SPNEGO? I.e. is there any good reason why a browser on Linux delivering simply KRB5 credentials *cannot* wrap it all in SPNEGO? It sure would make things easier if it could/should. Maybe some gecko code analysis is needed. ~sigh~ This is probably staring to grow a little OT for this list though. b. -- My other computer is your Microsoft Windows server. Brian J. Murrell
Attachment:
signature.asc
Description: This is a digitally signed message part
