[1788] in Kerberos
Re: Kerberos Question
daemon@ATHENA.MIT.EDU (John Carr)
Sun Mar 1 14:22:07 1992
To: cherokee@gators.b11.ingr.com
Cc: kerberos@Athena.MIT.EDU, info-kerberos@Athena.MIT.EDU
In-Reply-To: Your message of "Wed, 26 Feb 92 12:32:19 CST."
Date: Sun, 01 Mar 92 11:44:14 EST
From: John Carr <jfc@Athena.MIT.EDU>
The Kerberos 4 and Kerberos 5 protocols are incompatible. The MIT
Kerberos 5 distribution contains some compatibility code:
There is a library which converts Kerberos 4 library calls into
Kerberos 5 requests, so you can run many V4 programs in a V5
environment by relinking.
The Kerberos server can optionally service V4 requests.
There is a program to convert a V4 format Kerberos database to
a V5 format database.
The names used by the V5 library have a prefix "krb5_" so they do not
conflict with the V4 library.
> Another topic I am interested in is the bugs DCE has released
>to you concerning Kerberos. I am also interested in the extensiveness
>of the changes and problems they made.
There have been reports of security problems in the Kerberos 5 implementation
and bugs in the Kerberos 5 protocol. We are working on fixing these. As a
result, we recommend that people consider the Kerberos 5 beta test release to
be experimental software. When we have a version of Kerberos that we feel is
stable and can be trusted in a secure environment we will say so.
