Kerberos authentication over HTTP on proxy

[Sunil Parolia]

Hi all,
 
I'm new to authentication Realm so I apologize if this is too basic Qs.
 
Is user authentication at proxy possible at all for HTTP negotiate
mechanism? On googling I found some pointers which say that its not
possible. 
 
In current implementation ( BASIC) user has to maintain 2 password, one
for login to corporate domain and another for http( not HTTPS) access.
Can we use digest/NTLM authentication mechanism ( not the basic because
of inherent weakness) for this scenario, so that user can use the same
corporate AD password for HTTP access?
 
Thanks,
Sunil Parolia