[5640] in Kerberos
Re: SSL as Kerb replacement?
daemon@ATHENA.MIT.EDU (Phi H Truong)
Wed Aug 9 11:25:47 1995
To: kerberos@MIT.EDU
Date: 9 Aug 1995 14:56:06 GMT
From: orion@iastate.edu (Phi H Truong)
Reply-To: orion@iastate.edu (Phi H Truong)
In article <199508090323.UAA17585@ihtfp.org>,
Derek Atkins <warlord@ihtfp.org> wrote:
>The problem with using SSL is that there is no authentication. Yes,
>you can easily encrypt the connection, but you still do not get any
>kind of user<->server authentication. There is no way for the server
>to know who you are, save for you typing your password, which defeats
>the idea of single signon.
>
>Kerberos gives you a means to signon once, obtain kerberos tickets,
>and then log into as many hosts as you want without requiring you to
>re-authenticate. SSL does not, and can not, provide this
>functionality.
>
>SSL has its uses, but so does Kerberos.
>
According to the authors of SSLeay, there will be kerberos authentication
incoporate into SSL in the future.
--
_____
Phi H. Truong "No wisdom. No enlightenment. Only you."
orion@iastate.edu ISU Computation Center
Systems Analyst 237 Durham Center ph: (515) 294 -1420
