[3413] in Kerberos
Re: Kerberos and DCE
daemon@ATHENA.MIT.EDU (Dave Crocker)
Wed Jun 15 21:54:19 1994
Date: Wed, 15 Jun 1994 18:36:30 -0700
To: eric@atrium.com (Eric J. Rothfus)
From: dcrocker@mordor.stanford.edu (Dave Crocker)
Cc: kerberos@MIT.EDU, eric@atrium.com
I, too, am interested in hearing the details of actual use.
For reference...
At 9:00 AM 6/15/94, Eric J. Rothfus wrote:
>connecting Kerberos clients to DCE cells. That is,
In reality, the client is not connecting to a "DCE cell". The
client is connecting to a server that performs dual functions,
one as a DCE Kerberos server and the other as an MIT Kerberos V5
server. They really should be treated as independent services,
in spite of the fact that the functionality is shared within
a single code/machine set.
>allowing non-DCE, but kerberos "enabled", clients to
>connect to a DCE cell (and the underlying kerberos)
>to obtain authentication tix. The goal is to allow
Except that it also requires that the application server (i.e., the
OTHER Kerberos client) to do one or the other. If a given application
chooses to support both DCE Kerberos AND MIT Kerberos, fine, but
again, that server is simply running a dual stack of security stuff.
Dave
+1 408 246 8253 (fax: +1 408 249 6205)
