[6224] in Kerberos
version
daemon@ATHENA.MIT.EDU (Art Houle)
Tue Nov 14 12:03:19 1995
Date: Tue, 14 Nov 1995 11:47:50 -0500 (EST)
From: Art Houle <houle@acns.fsu.edu>
To: kerberos@MIT.EDU
Hello,
As I understand it there are 2 version of kerberos available, version4
and version5. They are incompatable, so if I want to use a central
authentication scheme for 8 terminal servers (3 brands) and 6 unix hosts
(Solaris & AIX_V3) all systems must support one version of kerberos.
Version 4 has been in its final form since December 1992 (~3 years).
Version 5 has since been in development since then and is still
identified by BETA version numbers. (Currently beta 5). Since I am
interested in the security and stability for a large user base, the
concept of 10,000 users relying on beta code for secure authentication
frightens me!
Of course this is great incentive to pay real money to the private
spin-offs that have given jobs to the developers of secure products. And
of course the Federal Government seems to want the common folk to be
without security while at the same time giving 'carte blanche' to the
international banking community. ...argh! Weren't we supposed to have
something ..'of the people, for the people'.. (yes, I know this is for
technical issues not political ones, sorry 'bout that. But this freedom
of security is the basis of power for the people and should not be just for
the war mongers.)
But the issue at hand is to decide if kerberos version 5 is ready for
implementation. Can it give secure authentication to 10,000 users across
multiple platforms?
If it can, why is it still called 'BETA 5' and not version xx.yy ?
Is there an estimate of release of a non-beta version?
TIA.
Art Houle e-mail: houle@acns.fsu.edu
Academic Computing & Network Services Voice: 644-2591
Florida State University FAX: 644-8722
