[JDEV] Security

temas temas at box5.net
Fri Apr 7 18:41:04 CDT 2000


I try and build the system on as many platforms as I can get my hands on before
I give something my stamp of approval.  Sometimes I fail in the assumptions I
make, sometimes I don't.  1.0 will have an extremely rigorous test schedule before
it's released, so that should be a lot more XP.  Sorry if you had problems,
we're all just an email away if you have more.

--temas

On Fri, Apr 07, 2000 at 04:21:06PM -0700, Donn Cave wrote:
> Quoth William Ahern <wahern at jinsa.org>:
> ...
> | I'm using an SRP enabled telnet solution on my unix boxes. I wish this was more
> | widely used. It doesn't 'encrypt' the passwd to keep it secure, but uses a
> | tested algorithm that allows the server to determine whether or not the client
> | has the approrpiate passwd. Nothing is sent, encrypted or otherwise, that could
> | compromise the passwd.
> 
> I submitted code for MIT Kerberos 5 support a ways back, v0.7 or something
> along those lines.  That's a similar notion, no password on the wire,
> encrypted or otherwise, and supported not only by the MIT release
> (http://web.mit.edu/kerberos/www/) but also DCE and now Windows 2000.
> Applications can leverage the cryptography for data encryption, but
> the real point is purely authentication.
> 
> Kerberos authentication allows me to authenticate to a service not only
> without sending the password, but more perhaps more significantly here 
> the application server doesn't ever see my password, it relies on the
> Kerberos realm central authority to verify my identity.  That's important
> if the jabber server might be hosted on a computer whose security isn't
> guaranteed.
> 
> I have some version 0.9 pre release and finally managed to build it
> (does anyone but me ever try to build this software on anything but
> Linux?), but have not yet looked at re-integrating the Kerberos code.
> 
> 	Donn Cave, donn at u.washington.edu
> 
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20000407/f3ebfc08/attachment-0002.pgp>


More information about the JDev mailing list