[4334] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: request for commentary on krb IV server mod

daemon@ATHENA.MIT.EDU (Derrick J. Brashear)
Tue Dec 13 14:03:33 1994

To: kerberos@MIT.EDU
Date: Tue, 13 Dec 1994 11:56:16 -0500
From: "Derrick J. Brashear" <db74+@andrew.cmu.edu>

Excerpts from netnews.comp.protocols.kerberos: 13-Dec-94 Re: request for
commentary .. by John Hascall@iastate.edu 
>    The presumed benefit to TGT-forwarding for telnet is that
>    you need not type your password across an unsecure net-connection.
>    However, if you've disabled the address checking, and just sent
>    a TGT across the wire, haven't you just given the snooper something
>    just about as good as a cleartext password?
Only if the connection isn't encrypted, which in the case of our
software it is. You can only forward a tgt with telnet if you have an
encrypted connection.

-D


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4334] in Kerberos

Re: request for commentary on krb IV server mod

daemon@ATHENA.MIT.EDU (Derrick J. Brashear)Tue Dec 13 14:03:33 1994

daemon@ATHENA.MIT.EDU (Derrick J. Brashear)
Tue Dec 13 14:03:33 1994