[4669] in Kerberos
Re: public-key inter-realm authentication
daemon@ATHENA.MIT.EDU (P V McMahon)
Wed Feb 22 22:07:39 1995
To: kerberos@MIT.EDU
Date: Thu, 23 Feb 1995 02:21:55 +0000
From: pvm@icle.demon.co.uk (P V McMahon)
Reply-To: p.v.mcmahon@rea0803.wins.icl.co.uk
> From: jim@bilbo.suite.com (Jim Miller)
> Date: 16 Feb 1995 22:16:52 -0500
>
> Do any of you know of any papers that discuss modifying Kerberos to use
> public keys for inter-realm authentication? I've seen this idea mentioned
> now and then over the past couple of years and was wondering if there has
> been any real work in that direction.
As Adam Cain said, there is a paper on this which describes SESAME's
implementation available at ftp.enst.fr:/pub/sesame.
Ravi Ganesan's paper doesn't specifically address inter-realm
authentication, although in principle the approach which it
advocates for public key integration should be extensible for
the inter-realm case.
> From: douzzer@MIT.EDU (Daniel G. Pouzzner)
> Date: 17 Feb 1995 05:59:12 -0500
>
> I have scribbled down a detailed plan for how to implement this, but
> have not as yet found the time to implement. The nearest approximation
> of this sort of scheme I know of is the defunct DEC Sphinx project,
> though others may well have already created hybridized Kerberos-based
> systems. At any rate, I'd very much like to be involved in any effort
> to create such a system.
Work on this in a standards track context is anticipated as there is
general interest in making this extension.
If you are interested in looking at what we've done, let me know.
> From: adcg9841@uxa.cso.uiuc.edu (adam cain)
> Date: 20 Feb 1995 20:44:14 GMT
> Organization: University of Illinois at Urbana
>
> Check out the SESAME project going on in Europe.
> ftp: ftp.enst.fr /pub/sesame
> contact Piers McMahon at ICL
> p.v.mcmahon@rea0803.wins.icl.co.uk
>
> or Ravi Ganesan's Yaksha project: Ravi.Ganesan@Bell-Atl.Com
>
> Please don't complain to me if any of these pointers doesn't work. I'm just
> copying the info from the proceedings from the Symposium on Network and
> Distributed System Security.
They work :-).
Piers
--
P V McMahon
email: p.v.mcmahon@rea0803.wins.icl.co.uk
phone: +44-734-634883
