Not necessarily security problems.
Closes #17220
DER
dereference
dereferences
+DES
deselectable
deserialization
Deserialized
- there are modern versions of equivalent or better functionality offered and
in common use
+
+## weak algorithms required for functionality
+
+curl supports several algorithms that are considered weak, like DES and MD5.
+These algorithms are still not curl security vulnerabilities or security
+problems as they are only used when the users explicitly ask for their use by
+using the protocols or options that require the use of those algorithms.
+
+When servers upgrade to use secure alternatives, curl users should use those
+options/protocols.
Microsoft. It uses a challenge-response and hash concept similar to Digest, to
prevent the password from being eavesdropped.
-You need to build libcurl with either OpenSSL or GnuTLS support for this
-option to work, or build libcurl on Windows with SSPI support.
+NTLM uses weak cryptographic algorithms and is not considered secure.
## CURLAUTH_NTLM_WB
projects / thirdparty / curl.git / commitdiff
