[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: FW: User to User Kerberos
When the draft which refers to user-to-user Kerberos is in a state worthy of review we need to pass it to IETF Kerberos working group or just IETF security distribution lists. See below. I think you will find the feedback very valuable.
Thanks, Tim.
-----Original Message-----
From: Sam Hartman [mailto:hartmans@mit.edu]
Sent: 04 May 2004 21:06
To: Tim Alsop
Cc: ietf-krb-wg@anl.gov
Subject: Re: User to User Kerberos
>>>>> "Tim" == Tim Alsop <Tim.Alsop@CyberSafe.Ltd.UK> writes:
Tim> Hi, Is user to user Kerberos considered to be ok to use,
Tim> broken or some other status ? I am not refering to u2u with
Tim> GSS, just u2u with Kerberos tickets. The reason for asking is
Tim> that this approach is being considered for WS-Security (Web
Tim> Services Security) standard being progressed within OASIS WSS
Tim> TC.
It is very challenging to get right, but is not broken.
I'd recommend that any use of it be reviewed by this working group or
at least by the IETF security area.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]