[3073] in WWW Security List Archive
Re: Client->Proxy Authentification
daemon@ATHENA.MIT.EDU (RL "Bob" Morgan)
Wed Sep 25 16:10:11 1996
Date: Wed, 25 Sep 96 11:20:24 -0700
From: RL "Bob" Morgan <Bob.Morgan@Stanford.EDU>
To: "Brian W. Spolarich" <briansp@ans.net>
Cc: "Maria Jose Yanez Freire " <myanez@ait.uvigo.es> (Paco),
www-security@ns2.rutgers.edu
In-Reply-To: Your message
<Pine.GSO.3.94.960924164911.19367F-100000@thebrain.aa.ans.net> of Tue, 24 Sep
1996 16:52:42 -0400 (EDT)
Errors-To: owner-www-security@ns2.rutgers.edu
> identd isn't really a useful service, since the
> information provided is completely voluntary, can be
> easily faked, and is hardly ubiquitous.
See my internet-draft, draft-morgan-ident-ext-00.txt, for a proposal to extend
Ident to do proper authentication. We're working on implementations (Mac, PC,
UNIX) using kerberos, for intra-campus purposes. This will work with a web
authentication scheme that essentially puts kerberos tickets in cookies. I hope
to post more info about that fairly soon.
- RL "Bob" Morgan
DCCS
Stanford
