On Mon, 2003-12-29 at 10:16, Rich Salz wrote: > Not sure what the guy meant by that. But yes, SAML flows are "just > like" Kerberos flows. And Liberty and WS-Federation look a lot like DCE > cross-cell (er, Kerberos inter-realm) flows. After all, there's only not > many ways to do secure online trusted third-party authentication. > /r$
talking to the guy after the presentation, i got the impression that they probably exactly copied the kerberos flows ... didn't even try to come up with something that turned out to be similar. there were 30-40 people in the audience and I expected more people in the audience to have participated in discussion about kerberos vis-a-vis saml. kerberos had come out of project athena that had been substantially jointly funded by two corporations ... project athena had a director from mit and two assistant directors, one from each of the funding corporations. one of them i had worked with for a long time when at science center at 545 tech sq. (random refs): http://www.garlic.com/~lynn/subtopic.html#545tech during the period we were doing hsdt & ha/cmp ... my wife and I also got to go by and do audits of progress of various project athena activities (including kerberos). One visit we had a lengthy overview and discussion of the recently (then) developed cross-domain protocol. -- Anne & Lynn Wheeler - http://www.garlic.com/~lynn/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
