[7728] in Kerberos
Re: XGSS
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Aug 5 16:29:31 1996
To: alexa@tcsi.com (Alexander Aizman)
Cc: kerberos@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 05 Aug 1996 16:12:05 -0400
In-Reply-To: alexa@tcsi.com's message of Mon, 5 Aug 1996 10:12:33 -0700
>>>>> "Alexander" == Alexander Aizman <alexa@tcsi.com> writes:
Alexander> Hello, I'm thinking of CORBA security spec. and intend
Alexander> to use Kerberos V5. Mainly because of its GSS-API
Alexander> (which provides security services in a generic
Alexander> fashion). The problem is that neither GSS nor Kerberos
Alexander> allow to support access control and audit. Anybody
Alexander> knows what is the status of XGGS vs. Kerberos?
I think it is a bit of a stretch to say that Kerberos doesn't
support access control or auditing. It certainly doesn't support
these in a central fassion, but it does provide sufficient mechanisms
for interested applications to have auditing and access control
facilities.
Also, some central logging is done of what principals have
authenticated to what other principals, although this isn't really a
formal audit trail.
Alexander> Alex Aizman, alexa@tcsi.com
