[291] in Kerberos_V5_Development
Re: [Vick Khera: kerberos for X11R4 server authorization]
daemon@ATHENA.MIT.EDU (Barr3y Jaspan)
Wed Sep 19 00:27:45 1990
Date: Wed, 19 Sep 90 00:27:22 EDT
From: "Barr3y Jaspan" <bjaspan@ATHENA.MIT.EDU>
To: John T Kohl <jtkohl@ATHENA.MIT.EDU>
Cc: jfc@ATHENA.MIT.EDU, swick@ATHENA.MIT.EDU, krbdev@ATHENA.MIT.EDU,
In-Reply-To: [290]
At least in the Project Athena environment, such a modification would
not be useful under Kerberos Version 4 since most users run on a
public workstation (a machine not registered with Kerberos).
On the other hand, a Kerberos Version 5 extension *would* be useful
since user-to-user authentication could be used. Something like "xset
krbccache" could tell the X server where to look for the user's
credentials and the rest would be automatic. The question of "who is
allowed to do xset krbccache?" would have to be addressed.
I believe that Kerberos V5 is currently in alpha-test. I would
imagine it would be ready in time for the next significant X11 release
(R5?).
Just my personal opinions,
Barr3y Jaspan, bjaspan@athena.mit.edu
