[1248] in Kerberos
Re: Future of Kerberos and Vendor support
daemon@ATHENA.MIT.EDU (Jeffrey I. Schiller)
Mon Feb 18 23:43:59 1991
Date: Mon, 18 Feb 91 22:50:18 -0500
From: Jeffrey I. Schiller <jis@MIT.EDU>
To: gregh@aplcomm.JHUAPL.EDU
Cc: kerberos@MIT.EDU
In-Reply-To: Robert G. Hollingsworth's message of 18 Feb 91 20:24:21 GMT <368@aplcomm.JHUAPL.EDU>
DEC will be offering an authentication system which I believe
will be called "SPX" (formerly known as Sphinx). SPX is not Kerberos
with RSA added. It is a separate system which is based on RSA Public
Key Encryption.
SPX offers a lot of the same features of Kerberos, but is not
a Kerberos spinoff.
The good news is that the SPX developers and the Kerberos
developers have been in touch with each other. Our hope is to offer a
generic application programmer's interface (Generic API) that will
work with either SPX or Kerberos. This would also support the linking
of applications so as to allow them to operate in either an SPX or
Kerberos environment.
We have also begun preliminary internal discussions on how to
integrate public key technology directly into Kerberos. For now this
is a back burner project at MIT (V5 needs to get out the door!).
... Can
anyone comment on what I can expect to see in the future in the
Kerberos arena. Will we ever be able to use Kerberos in our large
heterogeneous network?
Expect to see Kerberos enhanced to support Public Key at some point.
Ideally I would hope to see the Kerberos and SPX technologies merged
into one comprehensive (and compatible) system. How we do this, I
don't rightly know... but I think it is in everyone's interest. [Note:
I *do* expect to see the Generic API mentioned above, getting the
protocols themselves to interact is a tougher goal, and is what I am
referring to in this paragraph.]
-Jeff
