[215] in Kerberos
case sensitivity
daemon@TELECOM.MIT.EDU (Jerome H. Saltzer)
Tue Sep 8 17:01:27 1987
To: kerberos@ATHENA.MIT.EDU
From: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
I propose that Kerberos be modified to be non-case-sensitive in both
principal and instance identifiers. Does anyone know a good reason
for Kerberos to maintain case sensitivity? It doesn't appear to be a
requirement to operate with UNIX.

The issue comes up right now because we are being bitten by
applications that have obtained a ticket for an instance identifier
heracles, then look for it later using the identifier HERACLES, and
fail. Since we have a widely known convention that host names are
not case-sensitive, the failure is a surprising result. Some
applications have worked around this problem by including explicit
code that coerces instance names to lower case, because they know
that Kerberos administrators conventionally use lower case only.
Those applications will fail in an even more puzzling way the first
time some Kerberos administrator tries to create an instance name
using upper case.

The more general problem is that Kerberos currently admits the
possibility that three different users might have id's "smith",
"Smith", and "SMITH". From the point of view of trying to make an
authorization/authentication system as mistake-free as possible, this
design is a human-engineering disaster!

The specific change would probably be in just two places: searching
the kerberos data base and searching the ticket file. In both
places, the search would be changed to be insensitive to case both in
the data base (file) and in the supplied identifier. That way the
database can store names in any case (for human-engineered display)
and the application can supply names in any case (whatever is easiest
to come up with).

1. Have I got the facts straight?
2. Comments?

Jerry
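The two searches described in the message, as an added illustration that is not part of the original post or of the Kerberos sources: a constructed in-memory table of principal/instance pairs stands in for the Kerberos data base (the same lookup applies to the ticket file), find_exact is the current case-sensitive search that misses rcmd/HERACLES when rcmd/heracles was stored, find_ci is the proposed search that ignores case on both the stored and the supplied identifier, and count_ci_matches is the administrator-side check that would flag the "smith"/"Smith" ambiguity the message warns about. Names and entries in sample_db are hypothetical; the real data base format is not reproduced.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One entry of the (constructed) principal data base: name and instance. */
typedef struct {
    const char *name;
    const char *instance;
} principal_t;

/* Constructed sample data base. The "smith"/"Smith" pair is deliberately
 * present to show the ambiguity a case-insensitive rule would expose. */
static const principal_t sample_db[] = {
    { "rcmd",  "heracles" },   /* stored in lower case, as admins usually do */
    { "smith", "" },
    { "Smith", "" },
    { "jones", "" },
};
#define SAMPLE_DB_LEN (sizeof sample_db / sizeof sample_db[0])

/* Case-insensitive equality on NUL-terminated strings; written out so the
 * example does not depend on a non-standard strcasecmp(). */
static int ci_equal(const char *a, const char *b)
{
    for (; *a != '\0' && *b != '\0'; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;          /* both strings must end together */
}

/* Current behaviour: exact, case-sensitive match on name and instance.
 * Returns the index of the entry, or -1 if no entry matches. */
int find_exact(const principal_t *db, size_t n,
               const char *name, const char *inst)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(db[i].name, name) == 0 && strcmp(db[i].instance, inst) == 0)
            return (int)i;
    return -1;
}

/* Proposed behaviour: match is insensitive to case in both the stored
 * entry and the supplied identifier, so the data base may keep names in
 * any case for display and callers may supply whatever case they have. */
int find_ci(const principal_t *db, size_t n,
            const char *name, const char *inst)
{
    for (size_t i = 0; i < n; i++)
        if (ci_equal(db[i].name, name) && ci_equal(db[i].instance, inst))
            return (int)i;
    return -1;
}

/* Administrative check: how many stored entries would be selected by a
 * case-insensitive lookup of (name, inst)? A result greater than 1 means
 * the data base already holds entries that differ only by case and must
 * be cleaned up before the lookup rule is changed. */
int count_ci_matches(const principal_t *db, size_t n,
                     const char *name, const char *inst)
{
    int matches = 0;
    for (size_t i = 0; i < n; i++)
        if (ci_equal(db[i].name, name) && ci_equal(db[i].instance, inst))
            matches++;
    return matches;
}

int main(void)
{
    printf("exact lookup rcmd/HERACLES: %d\n",
           find_exact(sample_db, SAMPLE_DB_LEN, "rcmd", "HERACLES"));
    printf("case-insensitive lookup rcmd/HERACLES: %d\n",
           find_ci(sample_db, SAMPLE_DB_LEN, "rcmd", "HERACLES"));
    printf("entries colliding with SMITH: %d\n",
           count_ci_matches(sample_db, SAMPLE_DB_LEN, "SMITH", ""));
    return 0;
}
```

The collision count is the part a practitioner would want before flipping the lookup rule: once matching ignores case, two stored entries that differ only by case become one ambiguous identity, and which of them a lookup returns depends on table order rather than on anything the user typed.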