revocation feature in Kerberos
Booker Bense
bbense at gmail.com
Sun Aug 3 14:33:58 EDT 2014
This whole conversation seems misguided to me. Kerberos is an
authentication system, not an authorization one. Access to a service is an
authorization issue. Since there is no universal authorization scheme for
kerberos applications, any workable revocation system will have to
build that first. That would be a very useful tool, but I'm afraid it might
be about 20 years too late.
- Booker C. Bense
More information about the Kerberos
mailing list