[23675] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Getting single DES TGT

daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri Apr 8 09:49:02 2005

To: "Tim Alsop" <Tim.Alsop@CyberSafe.Ltd.UK>
From: Sam Hartman <hartmans@mit.edu>
Date: Thu, 07 Apr 2005 18:45:13 -0400
In-Reply-To: <0D8F2EFD3A10E24DAEEA48EA6DA07D30152B32@postman-pat.csafe.local>
	(Tim Alsop's message of "Thu, 7 Apr 2005 23:09:09 +0100")
Message-ID: <tsl1x9m435y.fsf@cz.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu

>>>>> "Tim" == Tim Alsop <Tim.Alsop@CyberSafe.Ltd.UK> writes:

    Tim> It looks like you have noticed that the Oracle ASO 'Kerberos'
    Tim> adapter includes Kerberos code based on an old release of MIT
    Tim> libraries.  However, the 'CyberSafe' adapter included in ASO
    Tim> uses GSS-API, which means the GSS-API/Kerberos library can be
    Tim> updated to support new ciphers when available without
    Tim> effecting the Oracle software deployment - a much better
    Tim> architecture, I am sure you will agree ?

I'll certainly agree that using a modern Kerberos implementation is a
good thing.  I don't see how using GSS vs Kerberos has anything to do
with the ease of updating the library.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post