[2598] in Kerberos
Re: Kerberos 5 & login
daemon@ATHENA.MIT.EDU (Steve Lunt)
Thu Feb 25 16:11:32 1993
Date: Thu, 25 Feb 93 13:45:12 EST
From: Steve Lunt <lunt@ctt.bellcore.com>
To: bcn@isi.edu, bf4grjc@bell-atl.com
Cc: kerberos@Athena.MIT.EDU
Ravi,
> The above two-step "dance" to do what is a very fundamental, very
> often used, operation, simply needs to be implemented more cleanly,
> perhaps with OPTIONAL additions to the protocol. I.e., I claim that
> "in practice", logging into the local machine, is a sufficiently
> distinguished process, which ought to be treated differently from
> other services.
>
> The biggest threat I see is that, in practice, a vendor who supplies
> login/xdm/etc. might well eliminate Step 2 of the dance, leaving
> unwary clients (Let the buyer beware?) vulnerable to the "well known"
> spoofing problem. On the other hand, if either:
Agreed that most vendors will likely do it wrong and only do
Step 1. But I think a standard API is needed (rather than a special
protocol extension) to accomplish this. This way, with a simple
call, the vendors have no excuse to side step the issue (pun intended).
-- Steve