Re: Access Authorization

Marc VanHeyningen <mvanheyn@cs.indiana.edu>
From: Marc VanHeyningen <mvanheyn@cs.indiana.edu>
To: www-talk@nxoc01.cern.ch
Subject: Re: Access Authorization 
In-reply-to: Your message of "Fri, 17 Sep 1993 02:52:50 EST."
             <9309170752.AA04574@wintermute.ncsa.uiuc.edu> 
Date: Fri, 17 Sep 1993 03:17:49 -0500
Message-id: <4964.748253869@moose.cs.indiana.edu>
Sender: mvanheyn@cs.indiana.edu
Status: RO
Thus wrote: 
>Steve Heaney writes:
>> I havn't followed the discussion in great detail and I know nothing about 
>> the issues of authorization.  However, I know I would definitely feel better
> 
>> about any solution that used schemes (like Kerberos) that were already in 
>> (wide) use.  The advantages should be obvious.
>
>Is Kerberos really in wide use?  If so, where?  (I have no idea...)
>
>Marc
>

Kerberos V4 is certainly in wide use in lots of places, even here.
Kerberos V5, however, is needed to be even marginally tolerable for
WWW applications (V4 requires n^2 secret keys where n is the number of
administrative domains, and is thus not scalable.)  Kerberos in
general is, IMHO, not sufficiently scalable for WWW purposes for
reasons I think I've blathered about before enough.

- Marc
--
Marc VanHeyningen  mvanheyn@cs.indiana.edu  MIME, RIPEM & HTTP spoken here