[lug] Re: RFI -- Kerberos
Neal McBurnett
nealmcb at avaya.com
Mon Oct 16 14:34:23 MDT 2000
Once upon a time, John Kottal <jlkottal at americanisp.net> wrote:
> I am doing a school paper on Unix/Linux Securityusing Kerberos and would
> ask if anyone who has used it would share their experiences, both good
> and bad.
>
> John Kottal
Works fine for me (limited testing), until you get into the
Micro$oft-proprietary Privilege Attribute Certificate (PAC). There is
apparently an IETF effort to define an official usage of that field,
thankfully.
There is cool stuff at U Michigan, ICI and elsewhere on combining
Public Key methods and Kerberos (kx509, PKINIT, GSS-API, GAA-API etc.)
Post your paper when you're done - this is really important
stuff.
http://web.mit.edu/kerberos/www/
http://www.isi.edu/~govindan/cs558/netsec/
http://www.ncsa.uiuc.edu/General/CC/kerberos/firewall.html
http://www.colorado.edu/ITS/docs/identikey/
http://www.simc-inc.org/dce-pki/SIMCdraft2.html
http://choices.cs.uiuc.edu/Security/JGSS/jgss.html
http://www.counterpane.com/crypto-gram-0003.html
http://caselaw.findlaw.com/cgi-bin/getcase.pl?court=US&vol=472&invol=585
bork compares MS practices to aspen skiing company and highlands
http://slashdot.org/article.pl?sid=00/03/24/0752258&mode=nested
Cheers,
Neal McBurnett <neal at bcn.boulder.co.us> 303-538-4852
Avaya Inc, the former Enterprise Networking Group of Lucent/Bell Labs
http://bcn.boulder.co.us/~neal/ (with GnuPG/PGP keys)
More information about the LUG
mailing list