[366] in java-interest
Re: Enlighten me please
daemon@ATHENA.MIT.EDU (Chuck McManis)
Fri Jun 16 13:47:23 1995
Date: Fri, 16 Jun 1995 10:24:39 -0700
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
To: java-interest@java.Eng.Sun.COM
Actually Kerberos is a shared secret mechanism for authenticating servers
and clients. As it depends on the security of a single "master key holder"
to work, it is generally considered to be limited in its uses. (This isn't
a slam on Kerberos really.) Further, since it has fairly severe administration
overhead for larger groups, it is not generally believed to be applicable
to the "Internet" at large.

All that being said, there are lots of people who are using Web servers
inside their organization to distribute timely information and they wish
to have something that is more secure than the basic authorization offered
by generic Mosaic. Within this context a kerberized httpd and client make
perfect sense.

Implementing Kerberos calls in Java looks to be straightforward (I've
just given it a casual glance to check for the common gotchas like a
non-MT safe library). Whether or not we will ship support for it I cannot
say (not that it's a secret, I just don't know).
--Chuck
-
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com