Firewall Wizards mailing list archives

RE: Protocols supporting proxy auth?

From: "LeGrow, Matt" <Matt_LeGrow () NAI com>
Date: Thu, 8 Feb 2001 13:54:26 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

-----Original Message-----
From: Matthew Kirkwood [mailto:matthew () hairy beasts org]
Sent: Wednesday, February 07, 2001 8:33 AM
To: firewall-wizards () nfr net
Subject: [fw-wiz] Protocols supporting proxy auth?

Hi,

Is there a reference anywhere for protocols (or protocol
abuses) which support proxy authentication?

HTTP I have, but I'd also like to support FTP, POP, IMAP
and maybe others.


HTTP does have a "Proxy-Authentication" header but there's really no
similar concept with the other protocols that you have listed (that I
know of - maybe IMAP has such support ?).  If a protocol does have
support for proxy authentication, then it would probably be in the
RFC for that protocol.   

Part of the problem is finding clients that might actually support
the additional authentication step.  RTSP, for example, is a protocol
very similar to HTTP, and as such it has specified in the RFC that
servers can implement HTTP authentication.  But a standard
RTSP-capable client, such as RealAudio or Quicktime, does not seem to
understand how to deal with a normal HTTP request for authentication
message that might come from a proxy.

So unless you build a special client that can do so, or as Arkanoid
mentioned, use a shimming SOCKS client on your workstation, you are
more or less out of luck and are forced to implement proxy
authentication for any sort of service ad hoc, as is done with many
of the Gauntlet services.

Matthew.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


Matt LeGrow
Network Associates, Inc.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Note : Opinions expressed herein are most certainly NOT that of my
employer :-) 

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
Comment: Crypto Provided by Network Associates <http://www.nai.com>

iQA/AwUBOoMVk/bW52zw8/NBEQKcMACg12gWiBktw5rHc/vom16tY/LKlyUAoI+V
R9wDrOYfLKAaqJ5IiIObkW4X
=mJcJ
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Protocols supporting proxy auth? Matthew Kirkwood (Feb 07)
- Re: Protocols supporting proxy auth? ark (Feb 08)
  - Re: Protocols supporting proxy auth? Carson Gaspar (Feb 11)
- <Possible follow-ups>
- Re: Protocols supporting proxy auth? Jeff . Hodges (Feb 08)
  - Re: Protocols supporting proxy auth? ark (Feb 08)
- RE: Protocols supporting proxy auth? LeGrow, Matt (Feb 08)