[5468] in Kerberos
Re: Kerberos V and DCE
daemon@ATHENA.MIT.EDU (Joe Ramus)
Thu Jul 6 13:18:23 1995
Date: Thu, 6 Jul 95 10:00:41 PDT
From: ramus@nersc.gov (Joe Ramus)
To: agoel@hpl.hp.com, dcrocker@brandenburg.com
Cc: kerberos@MIT.EDU
>> Date: Thu, 6 Jul 1995 08:28:56 -0700
>> To: agoel@hpl.hp.com (Ashish Goel)
>> From: Dave Crocker <dcrocker@brandenburg.com>
>> Subject: Re: Kerberos V and DCE
>> Cc: kerberos@MIT.EDU
>>
>> At 11:53 AM 6/30/95, Ashish Goel wrote:
>> >Has anyone else run into this problem? Any help would be really appreciated.
>>
>> MIT Kerberos & DCE Kerberos are different protocols, in spite of
>> their similarities. They don't interwork.
>>
>> d/
>>
>> --------------------
>> Dave Crocker
>> Brandenburg Consulting +1 408 246 8253
>> 675 Spruce Dr. fax: +1 408 249 6205
>> Sunnyvale, CA 94086 page: +1 408 581 1174
>> USA dcrocker@brandenburg.com
Mr. Crocker's statement is very much wrong.
Many sites are using MIT Kerberos 5 and DCE Kerberos together.
One approach is to use the DCE Security Service as the
Kerberos 5 KDC for Kerberos authenticated applications. The applications
are built on the MIT Libraries. And Kerberos 5 tools such as kinit can
be used with the DCE Security Service. Kerberos 5 rlogin/rlogind and
telnet/telnetd can use the DCE Kerberos.
There have been a number of messages posted on the Kerberos mailing
list discussing the interoperation. We have a Multi-site project
involving several DOE Labs where the goal is to unify Kerberos 5 & DCE.
Joseph E. Ramus
NERSC Lawrence Livermore Lab
PO BOX 5509 L-560
Livermore, CA 94551-9900
Phone: (510) 423-8917
Email: ramus@nersc.gov
