RX Kerberos 5 security class requirements of Kerberos library
hartmans at MIT.EDU
Sun Jan 21 18:05:38 EST 2007
>>>>> "Jeffrey" == Jeffrey Altman <jaltman at secure-endpoints.com> writes:
Jeffrey> Troy Benjegerdes wrote:
>>>> This way the function can only be used for localauth and
>>>> cannot be used to specify an arbitrary client name to the
>>>> service whose key is in the service keytab.
>>> Sorry, I find this lame. And I still have yet to hear what is
>>> so wrong with using OS facilities for local auth.
>> Having a single code path for *ALL* authentication that goes
>> to a standard library makes security auditing much easier. If
>> we have to use kerberos for network and OS facilities for local
>> auth, now we have the network code path, and the local OS code
>> path which will be different on every OS.
>> Now, maybe we can just have the OS provide a nice kerberos wire
>> or API protocol compatible local auth facility, we might have
>> something everyone likes.
Jeffrey> It is important to realize that when we discussion
Jeffrey> localauth with regards to AFS we are not discussing
Jeffrey> single machine authentication. Instead we are discussing
Jeffrey> local authentication within an AFS cell. We are not
Jeffrey> discussing the use of local OS facilities.
That's certainly the AFS community's position. I don't think they
have made a compelling case for localauth beyond a single machine.
But can we please get this level of afs-specificity off of krbdev?
Refine things to proposed requirements; bring those forward; then
design in terms of general requirements.
More information about the krbdev