[4272] in Kerberos
Re: New Internet-Draft
daemon@ATHENA.MIT.EDU (Shawn Mamros)
Fri Dec 2 09:46:05 1994
To: kerberos@MIT.EDU
Date: Fri, 02 Dec 1994 09:17:27
From: mamros@ftp.com (Shawn Mamros)
ggm@dingo.cc.uq.oz.au (George Michaelson) writes:
>Until V5 is export approved, this is meaningless in the context of a
>global internet.
So we have silly export laws in the US. What's to stop you (or some
other enterprising soul outside of the US) from writing your own
Kerberos V5 implementation? I haven't seen any export restrictions
on RFC 1510 anywhere; take that and your own DES implementation and
run with it... Nobody ever said MIT had to be the sole provider
of V5 source code for the entire universe.
>I think a downgrade spec for KIV which could drop into eBones would have
>been nice for the rest of us hangers-on.
The V4 protocol doesn't have the extensible fields that V5 has.
Without those, there really isn't any good way to do the same thing
in V4 that wouldn't break compatibility with existing V4 kinit
implementations.
>Any chance of discussion of this at IETF? I can't understand how the
>global motherhood body can float RFC's that can't be globally deployed...
Global deployment does not require a single globally available
implementation. As I said, there's nothing stopping one from writing
their own V5 implementation, other than time and effort.
-Shawn Mamros
E-mail to: mamros@ftp.com
Speaking for myself only, not for my employer...
