Am 25.09.2012 10:25, schrieb Mike Gabriel:
> Hi,
> 
> On Di 25 Sep 2012 05:08:19 CEST glpk xypron wrote:
> 
>> I am not aware of proxies being contacted over https.
> 
> Hmmm... this indeed is true... The feature will mostly be an
> inside-to-outside connection. Hmmm... To get it clear, would we send
> http-proxy authentication strings in cleartext to the proxy server or
> would we send the remote X2Go server credentials to the proxy in cleartext.

only proxy server authentication is in clear text. However, many setups
have the same authentication for proxy-users as for system-users. Often
such authentication is performed over central LDAP-Server. Sure, it is a
fail of system administrator, if he allow such unecrypted authentication
over Internet. But I don't even give them a possibility to make such
mistake...

> Sending proxy auth in cleartext probably is common practice (?). Most
> proxy setups do not even need an auth-against-the-proxy.
> 
> This feature clearly needs a good documentation so that we do not false
> security alarms on the mailing lists!!!
> 
> Mike
> 
> 

Alex
-- 
Oleksandr Shneyder
Dipl. Informatik
X2go Core Developer Team

email:  oleksandr.shneyder@obviously-nice.de
web: www.obviously-nice.de

--> X2go - everywhere@home