[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Intent to package kth kerberos (krb4 or heimdal, not sure which)

Jean Pierre LeJacq <jplejacq@quoininc.com> wrote:
> This is a fundamental flaw with kerberos (and SSL and similiar
> systems). I believe that a better approach is to move encryption and
> authentication down to the IP layer as is done with SKIP and IPsec.
> ALL applications and protocols will then work without modification.

Er.. there's no reason not to use Kerberos and IPsec together.

Furthermore, I have some doubt about whether IPsec really addresses
the issues of user authentication and privacy -- in many cases it
seems more applicable to host and maybe application issues.

Also, SKIP, as far as I know, is an example of an early IPsec effort,
and SSL does not address all the same issues.

-- 
Raul, wondering about the implications of a Kerberos and ssh combo.


--
E-mail the word "unsubscribe" to debian-devel-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to listmaster@lists.debian.org
Reply to: