[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Groups - wss-kerberos-interop.doc uploaded
> -----Original Message----- > From: Rich Salz [mailto:rsalz@datapower.com] > Sent: 18 November 2004 02:28 > To: ageller@microsoft.com > Cc: wss@lists.oasis-open.org; Ken Ballou > Subject: Re: [wss] Groups - wss-kerberos-interop.doc uploaded > > > Detailed Kerberos interop scenarios > > Some folks here took a look at this. Thanks for the feedback. > > We understand that only using a single realm makes things > simpler; it may > in fact reflect the most common use pattern. Unless the interop is > on-site, however, this is going to cause issues as few firewalls will > allow UDP traffic. I think we were planning to put up a server outside our firewall for this interop event. > > The primary difference between the two scenarios is who > "owns" the KDC; > this makes sense. Unfortunately, the phrase used is > "manufactured" which > doesn't make sense, as it would seem to prevent a broad class of > vendors, as well as those running the MIT reference > implementation, from > participating. Perhaps "run by" is a better word? I'll amend the doc. Thanks again, Gudge > > /r$ > > -- > Rich Salz Chief Security Architect > DataPower Technology http://www.datapower.com > XS40 XML Security Gateway http://www.datapower.com/products/xs40.html > XML Security Overview > http://www.datapower.com/xmldev/xmlsecurity.html > > > To unsubscribe from this mailing list (and be removed from > the roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/wss/members/leave _workgroup.php. > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]