[Security] TLS Certificates Verification - certificate and private key clarification

Greg Hudson ghudson at MIT.EDU
Wed Aug 20 14:35:57 CDT 2008


On Wed, 2008-08-20 at 08:59 +0200, Jonathan Dickinson wrote:
> This may be a really stupid idea. Any way we could use Kerberos?

It might be possible for users in the same Kerberos realm, or in two
realms which trust each other, to authenticate and create a security
context.  It might even be possible to do that over TLS.

For the most part, I think such a solution would only help users who are
already served well by channel encryption (i.e. people within the same
organization).




More information about the Security mailing list