[7180] in Kerberos
Re: Commercial applications that use GSS-API?
daemon@ATHENA.MIT.EDU (Alain Lavoie)
Wed May 1 04:02:32 1996
To: kerberos@MIT.EDU
Date: Wed, 1 May 1996 02:09:43 GMT
From: Alain Lavoie <allavoie@qc.bell.ca>
Anne Hopkins wrote:
>
> I'm trying to get a feel for how many commercial apps are using (or plan to
> use) GSS-API (whether Kerberos or another security mechanism).
>
> My current hunch is that Oracle and Sybase are moving in that direction and
> that SOCKS5, IMAP, and S-HTTP have standards defined for using GSS-API. Can
> anyone provide additional examples?
>
> Thanks in advance. Please cc me directly.
Hello Anne,
We are using gss-api under a DCE environment. It is our intention
to interface specifically with this API as it is available under
OSF DCE 1.1 (Sun and HP)
CyberSafe Kerberos implementation
Openvision Kerberos implementation
Mit distribution Kerberos Beta 5 implementation
A version 2 of the Gss-api RFC 1508 (written by John Linn) is in draft right now
and available on the internet. You will find free code sample of a typical
client-server message exchange in the FREE MIT Kerberos distribution under the
gss-sample directory. You will need a minimum setup to run these:
KDC running,
file /etc/krb5.conf configured,
Kerberos service added in the Kerberos database.
We have tested the MIT Kerberos distribution to be
compatible with the DCE KDC (HP version 1.4).
Refer to Internet RFC 1508 for the API description and to the RFC 1510 for
the C-bindings. The MIT Kerberos distribution is also incorporating
some Windows directory, but we haven't tested them yet. As you are discovering
Gss-api is becoming (if not already) the security API to develop on.
Notice that Gss-api focus on the user authentication and avoid authorisation
schemes (besides authorisation based on user id). This part is left for vendors
implementation like DCE.
Good readings,
Alain.
--
============================================================================
Alain Lavoie allavoie@qc.bell.ca
Consultant (514) 870-6493 VOICE
Bell Sygma Telecom Solutions (514) 870-3004 FAX
25N1-700 de la Gauchetiere ouest
Montreal(Que.) H3B 4L1
Canada
============================================================================
