<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>Kerb/PKI Infrastructure - Who's on first?</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2 FACE="Arial">Help, I'm thoroughly confused. What is the best recommended direction for single </FONT>
<BR><FONT SIZE=2 FACE="Arial">authentication being proposed by the IETF, or is there? I can see Kerb feeding public key</FONT>
<BR><FONT SIZE=2 FACE="Arial">applications a TGT or visa versa from PKI app's with PKINIT. It looks clear to me the PKI infrastructure </FONT>
<BR><FONT SIZE=2 FACE="Arial">has been set by the IETF, but I'm getting tired looking for a common approach and sorting through </FONT>
<BR><FONT SIZE=2 FACE="Arial">RFC's. Is Kerb/PKI a pipe dream, should the infrastructure center around the TGT or a RSA key, </FONT>
<BR><FONT SIZE=2 FACE="Arial">or do I have to run both? I'm not sure where KINK fits in, but this is what I'd like:</FONT>
</P>
<P> <FONT SIZE=2 FACE="Arial">Single OS signon regardless of OS, Kerberos, etc must coexist & send or receive</FONT>
<BR> <FONT SIZE=2 FACE="Arial">authentication (RSA?).</FONT>
</P>
<P> <FONT SIZE=2 FACE="Arial">This same sign-on would provide RSA authentication to SSH, SSL/TLS,</FONT>
<BR> <FONT SIZE=2 FACE="Arial">S/MIME, PKIX and IPSEC. </FONT>
</P>
<P> <FONT SIZE=2 FACE="Arial">I don't want to run two or parallel authentication schemes.</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">Cybersafe has there product, but is this the right approach? The OpenGroup has</FONT>
<BR><FONT SIZE=2 FACE="Arial">their PKI, but what about host authentication at login?</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">I have searched literally for days to understand how should one authenticate</FONT>
<BR><FONT SIZE=2 FACE="Arial">symetrically or asymetrically, etc. Is there a best practice approach here. I prefer</FONT>
<BR><FONT SIZE=2 FACE="Arial">an opensource solution, and the closest I can come is with Heimdal and the typical</FONT>
<BR><FONT SIZE=2 FACE="Arial">opensource tools for shell, transport, email, etc. Any contact, explanation or doc would </FONT>
<BR><FONT SIZE=2 FACE="Arial">be great, TIA..</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">cs</FONT>
</P>
</BODY>
</HTML>