[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mod_auth_kerb and Heimdal KDC

To: Johan Danielsson <joda@pdc.kth.se>
Subject: Re: mod_auth_kerb and Heimdal KDC
From: Simon Wilkinson <sxw@dcs.ed.ac.uk>
Date: Thu, 22 Aug 2002 09:50:57 +0100 (BST)
cc: Brian May <bam@snoopy.apana.org.au>, Tillman Hodgson <tillman@seekingfire.com>, heimdal-discuss <heimdal-discuss@sics.se>
In-Reply-To: <xofadnf5lpt.fsf@blubb.pdc.kth.se>
Sender: owner-heimdal-discuss@sics.se

On 22 Aug 2002, Johan Danielsson wrote:

> You mean http://www.ietf.org/rfc/rfc2712.txt?

RFC2712 is somewhat flawed. In particular, it doesn't provide enough
information about data types to construct interoperable implementations.
A while back, I wrote an implementation for Mozilla, and collaborated with
making the OpenSSL implementation work with it. I believe that the OpenSSL
stuff will be shipping with their next release. We also wrote some notes
on the data encoding assumptions we made.

However, there is an internet draft which is aimed at obsoleting 2712,
which has the advantage of using complete Kerberos data structures within
the SSL handshakes. Implementation is a touch more complex, however.

Cheers,

Simon.

References:
- Re: mod_auth_kerb and Heimdal KDC
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: Re: mod_auth_kerb and Heimdal KDC
Next by Date: Re: mod_auth_kerb and Heimdal KDC
Prev by thread: Re: mod_auth_kerb and Heimdal KDC
Next by thread: Re: mod_auth_kerb and Heimdal KDC
Index(es):
- Date
- Thread