[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject
Everyone's talking about encrypted telnet. Has anyone at least READ the
Kerberos FAQ? It's been in use for a while, and, to quote...
> Kerberos is a network authentication system for use on physically
> insecure networks, based on the key distribution model presented by
> Needham and Schroeder.[3] It allows entities communicating over
> networks to prove their identity to each other while preventing
> eavsdropping or replay attacks. It also provides for data stream
> integrity (detection of modification) and secrecy (preventing
> unauthorized reading) using cryptography systems such as DES.
> Practically speaking, Kerberos is mostly used in application-level
> protocols (ISO model level 7), such as TELNET or FTP, to provide user
> to host security. It is also used, though less frequently, as the
> implicit authentication system of data stream (such as SOCK_STREAM) or
> RPC mechanisms (ISO model level 6). It could also be used at a lower
> level for host to host security, in protocols like IP, UDP, or TCP
Being more 'official' than PGP, only a totally export-safe version has
got out to ftp.funet.fi. Of course, it could be possible to patch PGP or
something else into Bones, as the non-encrypting Kerberos is called.
> An experimental Telnet Authentication Option has been
> defined, and is described in RFC1416. (see also RFC1411).
> These RFC's only define how
> /authentication/ is to be performed; the standard for full encryption
> is still under development.
> An implementation of Kerberos V4 telnet is available via anonymous ftp
> from ftp.uu.net, in /networking/telnet.91.03.25.tar.Z, but it predates
> The IETF Common Authentication Technology Working Group is
> currently defining security extensions for the FTP protocol. An
> Internet Draft describing their work, and the source code for a
> modified ftp/ftpd with the extensions, are now available
> thumper.bellcore.com:pub/lunt/ftp.tar.Z
> net-dist.mit.edu:tytso/ftp-wg/ftp.tar.Z
-----------------------------------------------------------------------
Rishab Aiyer Ghosh "What is civilisation
[email protected], [email protected] but a ribonucleic
Voicemail +91 11 3760335; Vox/Fax/Data 6853410 hangover?"
H-34C Saket New Delhi 110017 INDIA
-----------------------------------------------------------------------