Thoughts on a Kerberos based open-authorization architecture. greg at
Sat Mar 11 10:40:26 EST 2006

On Mar 6, 12:26pm, "Henry B. Hotz" wrote:
} Subject: Re: Thoughts on a Kerberos based open-authorization architecture.

> On Mar 4, 2006, at 9:03 AM, krbdev-request at wrote:
> > Date: Fri, 3 Mar 2006 13:51:10 -0600
> > From: greg at
> > Subject: Thoughts on a Kerberos based open-authorization architecture.
> > To: krbdev at

> Just a thought on getting all this accepted:  Can we wrap all this up  
> so it supports SOA and SAML?  Those are hot buzzwords at the moment  
> here.
> Anyone know of any open implementations of SOAP/WS-SECURITY Kerberos  
> tokens?  I have two groups here, one will go Java, and the other will  
> go Perl.

I see that Nicolas has already provided a summary of where things may
be going in this arena.  I certainly appreciate the work being done in
this venue but share his concern with respect to overall complexity.

SOA and SAML are certainly hot buzzwords and potentially useful
technology but only address the assertion or conveyance of identity,
authentication and authorization information.  They do not speak to a
mechanism for implementing and managing authorization which is the
root challenge for the open-architecture community.

> Henry.B.Hotz at, or hbhotz at


}-- End of excerpt from "Henry B. Hotz"

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg at
        An assembly of people coming together to decide what person or
department not represented in the room must solve a problem."
                                -- Unknown

More information about the krbdev mailing list