WebISO: the killer kerberos app?

Sam Hartman hartmans at MIT.EDU
Mon Mar 8 10:40:26 EST 2004


>>>>> "Wyllys" == Wyllys Ingersoll <wyllys.ingersoll at sun.com> writes:

    Wyllys> Isn't this very similar to the what Passport and Project
    Wyllys> Liberty propose to use?  Basically, its a variation of the
    Wyllys> "secure cookie" scheme.  Netegrity does something similar
    Wyllys> as well.

There's also the free software pubcookie.

My personal recommendation for webauth right now seems to be
supporting both gssapi negotiate and pubcookie.  I'd prefer a stronger
solution than gssapi negotiate.  The HTTP SASL draft is being last
called, so perhaps we'll get our wish.



More information about the Kerberos mailing list