> On 15 September 2018 at 12:32 Peter Mogensen <apm at one.com> wrote:
>
>
>
>
> On 09/15/2018 10:41 AM, Aki Tuomi wrote:
> > Point of sending the success ones is to maintain whitelist as well as
> > blacklist so you know which ones you should not tarpit anymore. We
> > know it does scale as we have very large deployments using the whole
> > three request per login model.
> >
> >
>
> "Success" in a proxy which is not it self authenticating is only
whether
> it know where to proxy the requested username to.
> I'm not sure whether this would be input to a whitelist.
>
> I'm not doubting that 3 req/login scales.
>
> /Peter
>
This is rather uncommon use-case. Most cases authentication occurs on proxy and
is forwarded using, say, master password on to the backend.
Aki