Gustavo Rios wrote:

> > Oliver Schoett <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> >
> > I have been playing with the Sun GSS/Kerberos sample code in
> >
> > http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/ClientServer.html
> >
> > and noticed that the client in this scenario needs only a Kerberos
> > ticket (for example, obtained from an initial Windows logon), whereas
> > the server needs a secret key. This creates a key management problem
> > for our servers, which I would like to avoid.
> >
> > Why is it that the server needs a key, when in principle, a ticket
> > should be enough to prove one's identity? Is there a way to avoid the
> > key management problem for servers?
Three reasons:

(1) You want the server to identify itself to the client, mutual authentication.

(2) When using symmetric key technology, the client and the server need to share some secret. With Kerberos they use a third party, the KDC, with which they each share a secret. The KDC then gives the client a ticket which has a session key encrypted for the client and for the server. The client gives it to the server, who can decrypt it using the secret key.

(3) It avoids man in the middle attacks.

The management of the server's secret key is what you pay for this.

> > Oliver Schoett
>
> A ticket is not enough to prove one's identity! It is necessary to
> prove so, but not enough. About the server requirement for a key, my
> suggestion is for reading some documentation on how kerberos works,
> i.e., do the homework.
>
> best regards.
> ________________________________________________
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos

-- 
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
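The exchange Douglas describes, as an added toy simulation that is not code from this thread or from Sun's JGSS tutorial: the KDC seals the ticket under the server's long-term key, the client proves possession of the session key with an authenticator, and the server's reply gives mutual authentication. The principal names, keys and the SHA-256/HMAC "cipher" are constructed stand-ins, not real Kerberos enctypes; `run_exchange(server_has_key=False)` shows that a server with no key of its own cannot even open the ticket.

```python
import hashlib, hmac, json, secrets

def _keystream(key, nonce, n):
    # SHA-256 in counter mode as a stand-in keystream; NOT a Kerberos enctype
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range((n + 31) // 32))[:n]

def seal(key, obj):
    # encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256 tag
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def kdc_issue(keys, client, server, now):
    # ticket is sealed under the SERVER's key; the client gets the session key under its own
    skey = secrets.token_hex(32)
    ticket = seal(keys[server], {"client": client, "skey": skey, "expires": now + 600})
    return ticket, seal(keys[client], {"server": server, "skey": skey})

def client_request(client_key, for_client, client, now):
    skey = bytes.fromhex(unseal(client_key, for_client)["skey"])
    return skey, seal(skey, {"client": client, "ts": now})  # authenticator: fresh proof of skey

def server_accept(server_key, ticket, authenticator, now):
    t = unseal(server_key, ticket)          # impossible without the server's long-term key
    if now > t["expires"]:
        raise ValueError("ticket expired")
    skey = bytes.fromhex(t["skey"])
    a = unseal(skey, authenticator)
    if a["client"] != t["client"] or abs(now - a["ts"]) > 300:
        raise ValueError("authenticator does not match ticket")
    return t["client"], seal(skey, {"ts": a["ts"] + 1})   # mutual-auth reply

def run_exchange(server_has_key=True, now=1_000_000):
    client, server = "alice@EXAMPLE.COM", "host/app.example.com@EXAMPLE.COM"  # constructed
    keys = {client: secrets.token_bytes(32), server: secrets.token_bytes(32)}  # KDC database
    ticket, for_client = kdc_issue(keys, client, server, now)
    skey, authenticator = client_request(keys[client], for_client, client, now)
    server_key = keys[server] if server_has_key else secrets.token_bytes(32)
    try:
        who, reply = server_accept(server_key, ticket, authenticator, now + 2)
    except ValueError as e:
        return None, str(e)
    return who, unseal(skey, reply)["ts"] == now + 1   # client checks the server's reply
```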
