[841] in Kerberos
Re: costs of kerberos and X.500
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Mon Dec 18 16:33:55 1989
From: Theodore Ts'o <tytso@ATHENA.MIT.EDU>
To: NESSETT@CCC.NMFECC.GOV
Cc: KERBEROS@ATHENA.MIT.EDU
In-Reply-To: NESSETT@CCC.NMFECC.GOV's message of Mon, 18 Dec 89 12:14:03 PST,
Reply-To: tytso@ATHENA.MIT.EDU
Date: Mon, 18 Dec 89 12:14:03 PST
From: NESSETT@CCC.NMFECC.GOV
Comment: From NESSETT@CCC.MFENET on December 18, 1989 at 12:14 PST
Even a margin cost argument must take into account the impact of decreased
interoperability when a non-standard authentication mechanism is employed.
Given that the certificate approach has major technical advantages.....
This may not be the right list to be debating the pro's and con's of the
certificate approach; if so, please respond via personal mail. However,
I don't see how it's obvious that the certificate approach has ``major
technical advantages.'' For example, Jeff's point that Kerberos
provides a much easier way to revoke authentication privileges --- just
chage the password!
Could you detail the ``obvious technical advantages''? Thanks!
- Ted
