[386] in Kerberos-V5-bugs
Kerberos Inter-Realm Communication Details
daemon@ATHENA.MIT.EDU (Jeffrey Alguire)
Tue Nov 16 16:22:19 1993
From: alguire@turing.scs.carleton.ca (Jeffrey Alguire)
To: krb5-bugs@MIT.EDU
Date: Tue, 16 Nov 93 16:21:35 EST
Cc: kerberos-request@MIT.EDU
Hello:
My name is Jeffrey Alguire, and I am a Master of Computer Science student at
Carleton University in Ottawa, Ontario, Canada. My term project for one of
my current courses entails the evaluation of Kerberos 5 for use within a
major REAL MULTI-SITE MEDIUM TO LARGE-SIZED Corporate environment. I will
report to my professor as well as to the Security Department of that 
corporation by Dec. 13, 1993.
I have a problem that I would greatly appreciate your assistance in solving
if possible. I have read your Version 4 document of 1988 (Project Athena 
Technical Plan, Section E.2.1, "Kerberos Authentication and Authorization
System", by S.P. Miller, B.C. Neuman, J.I. Schiller and J.H. Saltzer), and
some of the Version 5 document of September 1, 1992 ("The Kerberos Network
Authentication Service (V5)" by John Kohl and B. Clifford Neuman). It seems,
though, that I have not been able to ascertain/comprehend some details
concerning INTER-REALM communication, an area which my analysis must strongly
focus on.
The corporation has many departments which may want to use separate realms.
In addition, it may wish to communicate with other organizations or authorize
resource access for those organizations in a secure manner. Finally,
reorganization is common, sometimes expected to necessitate the redefinition
of realm hierarchies.
Right now, three questions come to mind, though there will likely be more later.
1. There is mention that, within a hierarchy of realms, each shares a secret
key with its parent, as well as one with each of its children. If a user   
needs to access a remote realm with which her/his home realm has no 
connection (shared key), the request should apparently be passed to the
"next realm" along the path to the target realm. How can this be done, unless
all master servers within a given set of realms that may want to communicate
have a complete tree of all such realms? If that is established (a complex
task in itself for large organizations), how is it to be modified (suppose
two realms combine or more realms are added) "across the board", in a
secure manner?  
2. If users need to change realms, how is this done?
3. Must key distribution between realms require the intervention of system
administrators?
In summary, could you please send me - or point me to - all releasable info/
problem discussions re: inter-realm communication? (Note: We are well aware
of, and will most certainly abide by, international laws concerning the
international distribution of encryption algorithms and materials relating
to hardware/software/information security.)
I thank you in advance for your attention in this matter.
Jeffrey C. Alguire
M.C.S. Student,
School of Computer Science,
Room 538, Herzberg Physics Building.
Carleton University,
1125 Colonel By Drive,
Ottawa, Ontario, Canada.
K1S 5B6
Tel: (H) (613) 224-2393 / (613) 225-2393
     (O) (613) 788-4333
E-mail: alguire@scs.carleton.ca