Public misunderstanding of Kerberos

Greg Hudson ghudson at MIT.EDU
Mon Jun 3 00:14:27 EDT 2013 

I'm not sure whether I can help you, but if anyone here can, we'll need
some context.  To start with:

* What web server are you running?

* What operating system are you running it on?

* What did you do to try to make it use Kerberos authentication?

On 05/31/2013 08:55 PM, Mark Leavenworth wrote:
> To whom it may concern:
> 
> There is currently a broad public misunderstanding regarding how Kerberos works. Customers with partial Kerberos installation, uninstallation do not realize that Kerberos is not only checking for the identity of those who send requests to their server pages, but also that Kerberos will check all messages destined for their IP address, to be certain that computers which are not their own will not receive incoming messages addressed to themselves, regardless of security access settings for the requested documents. As a result, a customer who is registered with Kerberos but subsequently misplaces a Kerberos file will have all incoming traffic blocked. I am currently  trying to resolve this problem, and have found many people all over the internet, as well as in ISP and computer platform customer support who do not understand the 'partial installation' problem with authorization systems. 
> 
> Instead, both the public and company representatives are cultivating the belief that 'you have to pay more or have a business account to serve a web page'. This is a terrible misunderstanding of the internet brought on by a lack of public awareness about the 'partial installation' condition. 
> 
> I hope this message helps in the development of an authorization system that will be both secure as well as increasingly popular and well understood. 
> 
> In the meantime, if anyone has any pointers on the best way for me to proceed to get my incoming service back, please be kind enough to return.
> 
> 
> Sincerely, 
> 
> 
> Mark Leavenworth
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>

More information about the Kerberos mailing list