- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Sun, 13 Mar 2016 15:59:42 +1300
- To: ietf-http-wg@w3.org
On 13/03/2016 10:50 a.m., Daniel Stenberg wrote: > On Sat, 12 Mar 2016, Dennis Olvany wrote: > >> Thanks, Ilari. After further research, it looks like I may be running >> into the http2 incompatibility with ntlm. Is this limitation >> applicable to the mixed use case? Is anyone aware of a good write up >> which explains the ntlm incompatibility? > > NTLM authenticates *connections* not requests (as HTTP auth was always > meant to). HTTP/2 do (short-lived) streams over a single connection. > > The two concepts really don't match very well. > Note that NTLM is also incompatible with HTTP/1.x. Middleware has to actively disable almost all useful HTTP functionality when NTLM (or Negotiate) is being relayed on a connection. Amos
Received on Sunday, 13 March 2016 03:00:19 UTC