SQL authentication vs keeping webservers in domain?

[SteveTheGeek]

All,
I'm restructuring a customer site with a primary goal of securing it, and I've come to an interesting issue: I've got SQL2000 back-end servers and IIS front-end servers for anonymous and customer access. While I need to keep the SQL servers on the trusted LAN and the webservers on the DMZ, is it generally more secure to have the webservers accessing the SQL servers via SQL authentication and keep the webservers out of the active directory domain, or is it more secure to keep everything in one (or a second trusted) active directory domain so that I can use NT authentication between the SQL and IIS services?
-Steve

 

[chiph]

We have a similar layout. We use Windows authentication over our private customer-support connection to the site (encrypted from us to our hosting provider), but the code on the web and application servers use SQL authentication.

Chip H.