Re: Intent to package kth kerberos (krb4 or heimdal, not sure which)
Jean Pierre LeJacq <jplejacq@quoininc.com> wrote:
> This is a fundamental flaw with kerberos (and SSL and similiar
> systems). I believe that a better approach is to move encryption and
> authentication down to the IP layer as is done with SKIP and IPsec.
> ALL applications and protocols will then work without modification.
Er.. there's no reason not to use Kerberos and IPsec together.
Furthermore, I have some doubt about whether IPsec really addresses
the issues of user authentication and privacy -- in many cases it
seems more applicable to host and maybe application issues.
Also, SKIP, as far as I know, is an example of an early IPsec effort,
and SSL does not address all the same issues.
--
Raul, wondering about the implications of a Kerberos and ssh combo.
--
E-mail the word "unsubscribe" to debian-devel-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to listmaster@lists.debian.org
Reply to: