[1773] in Kerberos
Re: MIT vs. OSF/DCE Kerberos Differences
daemon@ATHENA.MIT.EDU (Joe Pato)
Wed Feb 26 16:13:13 1992
From: pato@apollo.hp.com (Joe Pato)
Date: Wed, 26 Feb 92 14:48:56 EST
To: seclark@iscnvx.lmsc.lockheed.com (Steve Clark)
Cc: kerberos@Athena.MIT.EDU
In-Reply-To: seclark@iscnvx.lmsc.lockheed.com (Steve Clark), tue, 25 feb 92 20:53:19
What, if any, public sources of information are there describing the
differences between MIT Kerberos 5 and OSF/DCE Kerberos?
Steve Clark
Lockheed, Sunnyvale, CA
At this time there are no public sources except for the OSF. The OSF has
published manuals for the DCE and made source tapes available for a license fee
- but I can tell you that the Kerberos API is not documented by the OSF. The
kerberos API is optional and vendors can choose to expose it or leave it hidden
in the implementation of the DCE. Other information about the DCE security
API and managing the servers etc. is available in the document set.
As far as the protocol specification, the OSF DCE implements the protocol
described in the Kerberos Version 5 Revision 5 RFC. (This revision of the RFC
has not yet been made public, but incorporates changes to the protocol
discussed on the krb-protocol discussion group between the spring and winter of
1991. These changes are not in the beta1 code from MIT and are not in draft 4
of the document that is publicly available. Revision 5 of the RFC should
become available imminently.)
-- Joe Pato
Cooperative Object Computing Division / East
Hewlett-Packard Company
pato@apollo.hp.com
-------
