PKINIT

Tim Alsop Tim.Alsop at CyberSafe.Ltd.UK
Mon May 13 06:20:32 EDT 2002


Sam,

Thankyou. We would love to comply and can fully understand why changes made
by the previous CyberSafe company may have caused problems. I have been
trying for many months to open discussions along these lines with somebody
at MIT, but have not been successful yet. Can you let me know your
position/role and whether I should use you as a point of contact to
coordinate such matters ?

Kind Regards, Tim.

-----Original Message-----
From: Sam Hartman [mailto:hartmans at alum.mit.edu] 
Sent: 13 May 2002 07:08
To: Tim.Alsop at CyberSafe.Ltd.UK
Cc: kerberos at mit.edu
Subject: Re: PKINIT


This post, more than most is my individual opinion, and is certainly
not the opinion of MIT or the MIT Kerberos team.


>>>>> "Tim" == Tim Alsop <Tim.Alsop at CyberSafe.Ltd.UK> writes:

    Tim> The CyberSafe TrustBroker products have PKINIT (draft 5)
    Tim> support and we are currently in the process of developing
    Tim> draft 16 (from RFC1510bis) into our KDC. 
Please, before adopting anything from draft 16, make sure that the
working group hasn't already developed a consensus to do something
different.  CyberSafe has a long tradition of picking the worst parts
of ongoing work both from the MIT release and if memory serves from
IETF drafts, implementing them and then causing everyone to regret the
result.  The biggest example is of course 3des-cbc-md5, although there
have certainly been others.

It would be great to see CyberSafe work closer with the rest of the
Kerberos community rather than be a thorn in its side.


--Sam



More information about the Kerberos mailing list