Re: Insecure WWW Access Authorization Protocol?
"Peter Lister, Cranfield Computer Centre" <P.Lister@cranfield.ac.uk>
Errors-To: listmaster@www0.cern.ch
Date: Mon, 7 Mar 1994 12:51:35 --100
Message-id: <9403071147.AA02606@xdm039.ccc.cranfield.ac.uk>
Errors-To: listmaster@www0.cern.ch
Reply-To: P.Lister@cranfield.ac.uk
Originator: www-talk@info.cern.ch
Sender: www-talk@www0.cern.ch
Precedence: bulk
From: "Peter Lister, Cranfield Computer Centre" <P.Lister@cranfield.ac.uk>
To: Multiple recipients of list <www-talk@www0.cern.ch>
Subject: Re: Insecure WWW Access Authorization Protocol?
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
Content-Length: 807
> So my advice is to use tried and tested public key management. Export
But I want tried and tested Kerberos, Dave!! Many sites use Kerberos now, and
it's much more important for me to be able to authenticate my local users (who
already have Kerberos tickets when they login), rather than off-site users.
While I wouldn't stop local users from using PGP/PEM if they want, I don't
want to have to put another authentication system in place just to
authenticate WWW when I have a perfectly good Kerberos set up already.
Peter Lister Email: p.lister@cranfield.ac.uk
Computer Centre, Cranfield University Voice: +44 234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL UK Fax: +44 234 750875
--- Go stick your head in a pig. (R) Sirius Cybernetics Corporation ---