[prev in list] [next in list] [prev in thread] [next in thread]
List: jabber-security-jig
Subject: Re: Re: [secure-jabber] How to use the kerberos for www security?
From: leon fan <leon () ri ! gdt ! com ! cn>
Date: 1999-07-26 0:59:07
[Download RAW message or body]
Thanks a lot, thanks for you advice that using kerberos must synchroniz the time.
I also want to know whether ssl or shttp can cooperate with kerberos or gssapi and \
there is a simple protocol such as "gssapi for http"(It is proposed as a internet \
draft in 1996, and not come to rfc, why?, and I can't find this draft now.) And also \
I want to know SEA (A Security Extension Architecture for HTTP/1.x) as a w3c 's \
working draft not become a rfc,why?
In a word, I am look for a simple protocol can improve www's \
security(authentication,encryption,integrity etc.) by kerberos or gssapi in message \
or stream style.
> On Sun, Jul 25, 1999 at 03:28:16PM +0800, leon fan wrote:
> > Received: from lor.jeremie.com (localhost [127.0.0.1])
> > by lor.jeremie.com (8.9.3/8.9.3) with ESMTP id CAA05450;
> > Tue, 25 Jul 2000 02:33:44 -0500
> > Received: from ri_mailserver.ri.gdt.com.cn ([202.106.68.226])
> > by lor.jeremie.com (8.9.3/8.9.3) with ESMTP id CAA05433
> > for <Security@jabber.org>; Tue, 25 Jul 2000 02:33:38 -0500
> > Received: from ·¶½¨¹ú ([172.18.94.118])
> > by ri_mailserver.ri.gdt.com.cn (Lotus Domino Release 5.0.2b (Intl))
> > with SMTP id 2000072515301546:64 ;
> vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
> > Tue, 25 Jul 2000 15:30:15 +0800
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
> > Date: Sun, 25 Jul 1999 15:28:16 +0800
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > From: leon fan <leon@ri.gdt.com.cn>
> > To: "Security@jabber.org" <Security@jabber.org>
> > X-mailer: FoxMail 3.0 beta 2 [cn]
> > Mime-Version: 1.0
> > X-MIMETrack: Itemize by SMTP Server on ri_mailserver/gdt(Release 5.0.2b (Intl)|16
> > December 1999) at 2000-07-25 03:30:15 PM,
> > Serialize by Router on ri_mailserver/gdt(Release 5.0.2b (Intl)|16 December
> > 1999) at 2000-07-25 03:31:09 PM,
> > Serialize complete at 2000-07-25 03:31:09 PM
> > Message-ID: <OF870C366B.295C1046-ON48256927.002938F9@ri.gdt.com.cn>
> > Content-Type: text/plain; charset="us-ascii"
> > Subject: [secure-jabber] How to use the kerberos for www security?
> >
>
> Ironically, having the proper time on all of your machines is considered
> an important security matter. (Synchronizing log timestamps during an
> attack, for example.) Additionally, some protocols will not connect if
> the times are not within a minute of one another, for similar reasons.
> (I suspect this behaviour will become increasingly common in the future.)
>
> You may want to adjust your clock and then install an NTP v4 daemon
> (or xntpd3) to keep synchronized with three (or so) public time servers.
>
> Best of luck.
>
> --
> Please (OpenPGP) encrypt all mail whenever possible. Request the following
> Public Keys for Lazarus Long <lazarus@overdue.dhis.net>
>
> Type Bits/KeyID Fingerprint DSA KeyID: vvvv vvvv
> ElGamal: 2048g/92F6493B 2C55 E967 278B 4E8B D25B F5F3 352B 9B0E 32C3 3BA4
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic