[1930] in Kerberos
Re: kerberos & novell
daemon@ATHENA.MIT.EDU (Keith Brown)
Tue May 26 20:47:52 1992
Date: 27 May 92 00:15:40 GMT
From: keith@novell.com (Keith Brown)
To: kerberos@shelby.Stanford.EDU
In article <1992May19.195248.19623@cunixf.cc.columbia.edu> Gerald Pulver <gp15@columbia.edu> writes:
>Have you had any experience (or heard any rumors) of kerberos being used
>on novell networks? I'd like to know what has already been done. (pointers:
>both direct & indirect, would be appreciated.) Thanks.
NetWare has been walking down the RSA trail in terms of authentication
services. Use of Kerberos has not been entirely eliminated but RSA
looks far more commercially viable today. Distribution and implementation
of RSA technology is carefully controlled and limited (it must be licensed
from the one source). As a consequence, there is a defacto standard RSA and
implementations can be trusted.
Kerberos suffers from the fact that its source is widely available and
abusable by any Joe on the internet whose figured out how to use FTP.
Being such a Joe, I could FTP it over from MIT now, change a few lines
of code, insert a back door or two and unleash my kludgery upon an
unsuspecting planet. Is this what you would wish your bank to be using?
Keith
-
Keith Brown Phone: (408) 473 8308
Novell San Jose Development Centre Fax: (408) 433 0775
2180 Fortune Dr, San Jose, California 95131 Net: keith@novell.COM
