[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject



Everyone's talking about encrypted telnet. Has anyone at least READ the
Kerberos FAQ? It's been in use for a while, and, to quote...

> Kerberos is a network authentication system for use on physically
> insecure networks, based on the key distribution model presented by
> Needham and Schroeder.[3] It allows entities communicating over
> networks to prove their identity to each other while preventing
> eavsdropping or replay attacks.  It also provides for data stream
> integrity (detection of modification) and secrecy (preventing
> unauthorized reading) using cryptography systems such as DES.

> Practically speaking, Kerberos is mostly used in application-level
> protocols (ISO model level 7), such as TELNET or FTP, to provide user
> to host security.  It is also used, though less frequently, as the
> implicit authentication system of data stream (such as SOCK_STREAM) or
> RPC mechanisms (ISO model level 6).  It could also be used at a lower
> level for host to host security, in protocols like IP, UDP, or TCP

Being more 'official' than PGP, only a totally export-safe version has
got out to ftp.funet.fi.  Of course, it could be possible to patch PGP or
something else into Bones, as the non-encrypting Kerberos is called. 

> An experimental Telnet Authentication Option has been
> defined, and is described in RFC1416. (see also RFC1411).
> These RFC's only define how
> /authentication/ is to be performed; the standard for full encryption
> is still under development.

> An implementation of Kerberos V4 telnet is available via anonymous ftp
> from ftp.uu.net, in /networking/telnet.91.03.25.tar.Z, but it predates

> The IETF Common Authentication Technology Working Group is
> currently defining security extensions for the FTP protocol.  An
> Internet Draft describing their work, and the source code for a
> modified ftp/ftpd with the extensions, are now available
>         thumper.bellcore.com:pub/lunt/ftp.tar.Z
>         net-dist.mit.edu:tytso/ftp-wg/ftp.tar.Z

-----------------------------------------------------------------------
Rishab Aiyer Ghosh                            "What is civilisation
[email protected], [email protected]        but a ribonucleic
Voicemail +91 11 3760335; Vox/Fax/Data 6853410      hangover?"
H-34C Saket New Delhi 110017 INDIA
-----------------------------------------------------------------------