[3535] in java-interest
Re: How java apps get krb tickets?
daemon@ATHENA.MIT.EDU (Marianne Mueller)
Wed Nov 15 20:02:52 1995
Date: Wed, 15 Nov 1995 12:10:54 -0800
From: mrm@puffin.Eng.Sun.COM (Marianne Mueller)
To: normanb@citi.umich.edu
Cc: lsbart35@emmo.indy.cr.irs.gov, acain@snapple.ncsa.uiuc.edu,
java-kerberos@lists.Stanford.EDU, www-kerberos@lists.Stanford.EDU,
java-interest@java.Eng.Sun.COM
In-Reply-To: David R Richardson's message of Wed, 15 Nov 1995 14:36:51 -0500 <199511151937.LAA23399@mercury.Sun.COM>
In JDK 1.0, an applet cannot read or write files on a remote client,
so I don't think it can get a Kerberos ticket in that way. (By
client, I mean a Java-enabled browser running on a desktop computer.)
What you could do is implement some style of server-side persistent
data, which applets can access. I guess for Kerberos, this isn't any
good, since the whole point is that you don't want to expose the
Kerberos private-ticket traffic to IP.
Maybe the problem of bootstrapping Kerberos security is similar to the
key management conundrum. Short term, people might could get around
some of the key management problems by keeping a set of public keys on
their local hard disks, and not attempting to get those over IP.
Physical devices like smart cards might also gain popularity as a way
to store and share public keys.
Marianne
Java Products Group
-
This message was sent to the java-interest mailing list
Info: send 'help' to java-interest-request@java.sun.com
