Kerberos: Difference between revisions
imported>Sandy Harris |
John Leach (talk | contribs) m (Text replacement - "{{subpages}}" to "{{PropDel}}<br><br>{{subpages}}") |
||
Line 1: | Line 1: | ||
{{subpages}} | {{PropDel}}<br><br>{{subpages}} | ||
{{TOC|right}} | {{TOC|right}} | ||
[[Kerberos]] is a networked [[authentication]] system developed at the [[Massachusetts Institute of Technology]].<ref>{{citation | [[Kerberos]] is a networked [[authentication]] system developed at the [[Massachusetts Institute of Technology]].<ref>{{citation |
Revision as of 04:48, 8 April 2024
This article may be deleted soon. | ||
---|---|---|
Kerberos is a networked authentication system developed at the Massachusetts Institute of Technology.[1], A central trusted "ticket-granting server" provides "tickets" which allow other machines to authenticate each other. Granting of specific rights, called credentialing, to authenticated machines can be by a separate secure server. Specifications and documentationThe Kerberos protocol is specified in RFC 4120. There is an active working group at the IETF with many more documents. Microsoft's usage is documented in RFC 3244 and RFC 4757. There is a FAQ. IBM provide a Kerberos primer. ArchitectureThe separation of credentialing from authentication is not part of all authentication systems, but offers the ability to separate the administration of those two functions, which is a check-and-balance for personnel security of administators. Vendor useKerberos is used in various Unix-based systems, including Sun, Apple, HP and IBM. It has been used in all versions of Microsoft Windows since Windows 2000 [1]. There was considerable controversy [2] over Microsoft's usage. Basically, they took the Open Source tool, added "enhancements" that made their version incompatible with everyone else's, and tried to impose licensing conditions on their code that would have made it very difficult for anyone to write a compatible version. You could not even see the specification without signing a non-disclosure agreement. References |