[6982] in cryptography@c2.net mail archive
Re: "Microsoft to publish details of Kerberos Authorisation Data in Windows 2000"
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Tue May 2 10:19:27 2000
From: Marc Horowitz <marc@mit.edu>
To: Grant Bayley <gbayley@ausmac.net>, lseaman@spinnakernet.com
Cc: cryptography@c2.net, bugtraq@securityfocus.com
Date: 02 May 2000 01:42:18 -0400
In-Reply-To: Grant Bayley's message of "Mon, 1 May 2000 17:09:58 +1000 (EST)"
Message-ID: <t53n1m9eced.fsf@horowitz.ne.mediaone.net>
Grant Bayley <gbayley@ausmac.net> writes:
>> The silly part is, and I hope someone from Microsoft is listening, but why
>> is this document distributed as a .exe file when the previous page says
>> "Requires Adobe Acrobat Reader"?
Microsoft hasn't yet figured out how to digitally sign content without
embedding it in a .exe file, and they digitally sign all their
downloads.
"Lyle Seaman" <lseaman@spinnakernet.com> writes:
>> Are you _sure_ that nonsense was in every
>> copy of kerberos.exe?
>>
>> Not to worry, the document didn't reveal
>> one snippet of information that wasn't already
>> in the public domain. Nice introduction to how
>> Kerberos works, but I hope they don't claim
>> *that* as trade secret. Well, the cat's out of the
>> bag now, isn't it?
The document we're discussing is kerbspec.exe. It contains
information which, to the best of my knowledge, had not yet been
reverse-engineered.
Marc
