[23992] in Kerberos
Re: Kerberos for Wireless Authentication
daemon@ATHENA.MIT.EDU (Saber Zrelli)
Fri Jun 3 14:10:57 2005
Date: Sat, 04 Jun 2005 03:10:12 +0900
From: Saber Zrelli <zrelli@jaist.ac.jp>
In-reply-to: <tsl8y1s91o8.fsf@cz.mit.edu>
To: Sam Hartman <hartmans-ietf@mit.edu>
Message-id: <20050603181012.GA1653@mlserv.jaist.ac.jp>
MIME-version: 1.0
Content-type: text/plain; charset=euc-jp
Content-disposition: inline
cc: NetSteady <cmhutch@gmail.com>
cc: cmh@netsteady.cc
cc: kerberos@mit.edu
cc: ietf-krb-wg@anl.gov
Errors-To: kerberos-bounces@mit.edu
Hi ,
* On 12:13, Thu 02 Jun 05, Sam Hartman wrote:
> >>>>> "Saber" == Saber Zrelli <zrelli@jaist.ac.jp> writes:
>
> Saber> There is however a draft called "IAKERB" that provides
> Saber> pass-through authentication using kerberos
> Saber> (http://watersprings.org/pub/id/draft-ietf-cat-iakerb-08.txt),
> Saber> that can do the trick.
> Note that this draft has been rejected by this working group and is no
> longer an ongoing effort. Some party could choose to fix the problems
> in that draft and attempt to bring it back, but last time this came up
> no one offered to do that work.
I think that the problem tagetted by IAKERB are a big obstacle that
limit the scenarions where Kerberos can be used.
Specially, concerning wireless access networks, Kerberos can be very
convenient due to the fact that tickets have life-times, which means
that clients do not need to ride the full authentication path each
time they perform a hand-over. Current methods based on EAP, are
defining context transfer protocols to attack the problem related to
the latency of handovers ( CTP for PANA in PANA wg ). Kerberos IMHO,
can offer fast handover in wireless access networks, but it requires
some complementary protocols such as IAKERB.
I really think that working on this axis should be amongst the
milestones of kerberos wg.
Regards.
--
Saber ZRELLI <zrelli@jaist.ac.jp>
Japan Advanced Institute of Science and Technology
Center of Information Science
Shinoda Laboratory
url : http://www.jaist.ac.jp/~zrelli
gpg-id : 0x7119EA78
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
