[123] in Zephyr Mailing List


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: dredging InterRealm Zephyr back out of the swamp...

daemon@ATHENA.MIT.EDU (Bill Cattey)
Fri Jun 3 01:05:01 1994

Date: Fri,  3 Jun 1994 01:03:45 -0400 (EDT)
From: Bill Cattey <wdc@MIT.EDU>
To: zephyr@MIT.EDU, John Gardiner Myers <jgm+@CMU.EDU>
In-Reply-To: <Mhvcp6W00WBwQ76d8w@andrew.cmu.edu>

Excerpts from mail: 2-Jun-94 Re: dredging InterRealm Zep.. John Gardiner
Myers@CMU. (515)

> Kerberos only provides transitive authentication.  You have to trust
> the remote Kerberos server not to lie to you about the person who
> wants to authenticate...

Excuse me, but the Kerberos host is expected to be physically secure,
and to engage only in cryptographically secure conversations.  If you
allow any random to bring up a Kerberos server, then your criticsm would
be valid.  But as the deployment environments for Zephyr and Kerberos
are so radically different, your criticism is specious.

-wdc


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[123] in Zephyr Mailing List

Re: dredging InterRealm Zephyr back out of the swamp...

daemon@ATHENA.MIT.EDU (Bill Cattey)Fri Jun 3 01:05:01 1994

daemon@ATHENA.MIT.EDU (Bill Cattey)
Fri Jun 3 01:05:01 1994