[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: HEAD open for commits
From: James Richard Tyrer <tyrerj () acm ! org>
Date: 2002-12-01 4:05:07
[Download RAW message or body]
Tim Jansen wrote:
> On Sunday 01 December 2002 02:54, James Richard Tyrer wrote:
>
>>>No, more like Kerberos. For example, when I access my EMail using IMAP
>>>and it asks me for a password, it should create a ticket that I can use
>>>to authenticate myself to use LDAP, HTTP and so on (without entering the
>>>password again in the same session).
>>
>>Would the system remember your password? This is not good unless it is
>>a trivial password such as you use to logon to a web site.
>
>
> No, it remembers a so-called Ticket-Granting Ticket that can be used to
> receive session keys from the kerberors server.
>
> The whole point of kerberos vs. LDAP and NIS is that you can authenticate
> yourself to services that you don't trust, without telling them your
> password.
I see. Zero knowledge authentication, sounds like a good idea.
> This is quite important when you access a desktop computer (which
> can be easily compromised by everybody who has physical access to the
> machine) or any service that is running on it (ssh, file server, printer
> server, desktop sharing)..
>
> http://www.isi.edu/~brian/security/kerberos.html
Yet another new thing to read about.
Thanks for the link
--
JRT
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic