- Only unencrypted Password Authentication Protocol (PAP) can be used when authenticating outbound Web proxy requests...
[So, looser,] You can provide additional protection for hidden attributes by using Internet Protocol security...
from http://technet.microsoft.com/en-us/library/cc995145.aspx