Re: Kerberos on .debian.org?
On 9 Mar 2001, Sam Hartman wrote:
> Jason> Or not. We are not doing the central KDC thing for obvious
> Jason> reasons.
>
> I'm utterly failing to see what these obvious reasons are. I suspect
> there is a misunderstanding of the security guarantees that debian.org
> currently has or a misunderstanding of how Kerberos works.
Kerberos requires a secure central KDC machine w/ the possibility for
secure replicas. If connectivity between a host and the KDC is broken then
the host is effectively dead in the water which is totally unacceptable
for us. Further, the fact that a KDC must be very secure to protect the
keys does not make it a good solution when we don't have physical control
over our boxes.
> If/when a group of people propose something as well as state
> significant advantages to that proposal, you should do more than
> randomly snipe to present a credible argument against.
Read the list archives? This comes up every couple years..
Jason
Reply to: