[4116] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Kerberos-5-beta4 vs Kerberos-4

daemon@ATHENA.MIT.EDU (Donald Sharp)
Mon Oct 31 12:34:48 1994

Date: Mon, 31 Oct 94 09:44:22 EST
From: cc32859@vantage.fmrco.com (Donald Sharp)
To: forrie%wang.com@stowe.fmrco.com
Cc: kerberos%MIT.EDU@stowe.fmrco.com

>I ran across a document by Bellovin and Merritt (AT&T Bell Labs) which
>attacked Kerberos-4 with many comments about limitations and weaknesses,
>some of which may already have been addressed in the current version.

The paper "The Evolution of the Kerberos Authentication Service" by
John. T. Kohl talks about the shortcomings of V4 and the changes made
for V5.  This can be found at
athena-dist.mit.edu:pub/kerberos/doc/krb_evol.PS

Not all of the limitations mentioned by Bellovin & Merrit are addressed.

--------
Don Sharp		cc32859@vantage.fmrco.com
Fidelity Investments	(617) 570-3905
82 Devonshire St. A2A
Boston, MA 02109


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4116] in Kerberos

Re: Kerberos-5-beta4 vs Kerberos-4

daemon@ATHENA.MIT.EDU (Donald Sharp)Mon Oct 31 12:34:48 1994

daemon@ATHENA.MIT.EDU (Donald Sharp)
Mon Oct 31 12:34:48 1994