[29009] in Kerberos
Re: Authenticating on kerberos via certifates
daemon@ATHENA.MIT.EDU (Paul Cayley)
Thu Jan 10 11:47:17 2008
Date: Thu, 10 Jan 2008 08:46:06 -0800 (PST)
From: Paul Cayley <paulcayley@yahoo.com>
To: Andrea <acirulli@gmail.com>, kerberos@mit.edu
MIME-Version: 1.0
Message-ID: <187305.34615.qm@web50309.mail.re2.yahoo.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Search on PKINIT - this will give you some background. Also, you can use protocol transition in some implementations.....
Lastly - what os and client? Is this web front end of client workstation auth? How are private keys manged? ....
All the Best,
Paul
----- Original Message ----
From: Andrea <acirulli@gmail.com>
To: kerberos@mit.edu
Sent: Thursday, January 10, 2008 3:20:33 AM
Subject: Authenticating on kerberos via certifates
Hi all,
I'm facing with this problem:
I have a working authentication configure system that uses Kerberos
for authentication. The credentials that have to be passed in order to
obtain a TGT are username and password. Now I'm looking for some hint
on how to authenticate on kerberos through certificates like X.509.
This is what I want:
Let's assume that an user has a valid certificate created by a CA. The
user can authenticate himself without prompting any user/pwd but just
having the certificate. According to you is it possible to construct
an intermediate layer between the user and kerberos which maps the
certificates in credentials allowing Kerberos to authenticate the user
himself.
Thanks in advance,
Andrea
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
