[1304] in Kerberos
Re: Kerberos for DOS-based networks
daemon@ATHENA.MIT.EDU (Stephen C. Trier)
Mon Mar 18 23:38:17 1991
Date: Tue, 19 Mar 91 04:03:17 GMT
From: trier@cwlim.INS.CWRU.Edu (Stephen C. Trier)
Reply-To: trier@po.CWRU.Edu
To: kerberos@shelby.Stanford.EDU
From my understanding of Kerberos, it should be well-suited to a DOS
environment. Essentially, a DOS machine's security is like a Unix
machine where every user has automatically broken into root. Perhaps
I'm being naive, but that sounds a lot like MIT, where the Athena
workstation root password has been _published_.
I would worry more about the technical details: Making the DES routines
run on a 16-bit, backwards-byte-order machine, fitting the necessary
new commands into the memory model of your choice, and finding a decent
place to put the tickets. (File? Network kernel? I don't know.)
Perhaps most of these problems have been solved already.
As for my experience with Kerberos on DOS, I think the admins here have
agreed it would be nice. I took a brief look at doing a port, but I
did not have enough time to determine how feasible it might be.
--
Stephen Trier Case Western Reserve University
Work: trier@cwlim.ins.cwru.edu Information Network Services
Home: sct@seldon.clv.oh.us %% Any opinions above are my own. %%
