On Wed, 2006-01-11 at 15:01 -0500, Sam Hartman wrote: > >>>>> "Balazs" == Balazs Scheidler <[EMAIL PROTECTED]> writes: > > Balazs> Although not strictly related to this discussion, but TLS > Balazs> does support kerberos based authentication, see RFC 2712 > > > I just knew someone was going to bring that up. > > I really need to right draft-hartmans-tls-2712-historic. Briefly, the > major Kerberos implementations do not provide APIs necessary to > implement RFC 2712, the spec provides insufficient detail to be > implemented, the Kerberos vendors believe that providing the APIs > would be a bad idea from an abstraction standpoint, RFC 2712 only > supports DES, and RFC 2712 fails to use Kerberos in a manner that is > compatible with ongoing work in the Kerberos working group.
While it is true that I only used kerberos5 and TLS separately, but openssl 0.9.7e (the version I have on my notebook in source format) has a file named ssl/kssl.c which seems to be an implementation of RFC2712. But again this is probably not relevant. -- Bazsi _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog