[16063] in Kerberos_V5_Development
Re: Windows future
daemon@ATHENA.MIT.EDU (Jeffrey Altman)
Tue Aug 17 09:40:04 2010
X-Envelope-From: jaltman@secure-endpoints.com
X-MDaemon-Deliver-To: krbdev@mit.edu
Message-ID: <4C6A912B.7080105@secure-endpoints.com>
Date: Tue, 17 Aug 2010 09:39:55 -0400
From: Jeffrey Altman <jaltman@secure-endpoints.com>
MIME-Version: 1.0
To: krbdev@mit.edu
In-Reply-To: <4C655040.3020007@anl.gov>
Reply-To: jaltman@secure-endpoints.com
Content-Type: multipart/mixed; boundary="===============1351962404=="
Errors-To: krbdev-bounces@mit.edu
This is a cryptographically signed message in MIME format.
--===============1351962404==
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha1; boundary="------------ms030702030505000008070406"
This is a cryptographically signed message in MIME format.
--------------ms030702030505000008070406
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 8/13/2010 10:01 AM, Douglas E. Engert wrote:
> What is missing is an OpenAFS aklog that can use SSPI.
> My old gssklog from 2004 could use SSPI :-)
While it is certainly true that the rxkad aklog could be implemented
using the LSA credential cache functions to request a krb5 service
ticket for afs, the SSPI cannot be used to obtain rxgk security tokens
because it lacks an implementation of the GSS PRF.
There will be a need for a non-Microsoft Kerberos/GSS implementation for
use with AFS implementation for quite some time to come.
Jeffrey Altman
--------------ms030702030505000008070406--
--===============1351962404==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
--===============1351962404==--
