[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: transfering files between *.debian.org hosts (was: people.debian.org to move to ravel)

On Sat, Aug 30, 2008 at 10:54:59PM -0700, Steve Langasek wrote:
> On Sun, Aug 31, 2008 at 01:16:32AM +0200, Bastian Blank wrote:
> > Negotiate auth does not provide confidentiality or integrity protection
> > different to the normal use of kerberos.
> Well, ok, but you're negotiating *authentication*.  Why are confidentiality
> and integrity protection required for that?

If you use kerberized telnet you get that for free, the session key is
part of the setup.

>                                              Firefox doesn't exactly have
> HTTP basic auth support disabled by default, either...

You need to supply a username and password for each basic auth, so you
know what you are doing. Kerberos runs in the background, so the user
can't see that it got authenticated.


If some day we are defeated, well, war has its fortunes, good and bad.
		-- Commander Kor, "Errand of Mercy", stardate 3201.7

Reply to: