"Mani K" <[EMAIL PROTECTED]> writes: > Which of the following is addressed by Kerberos?
> a. authorization and authentication Kerberos is an authentication system, so the best answer is "part of (a)". Kerberos in and of itself does not do authorization except for its own internal administrative functions, although it's certainly possible to build any number of different authorization systems on top of Kerberos. > b. validation and integrity I don't know exactly what you mean by validation here. > c. confidentiality and integrity Kerberos in and of itself does not provide confidentiality, but essentially all Kerberos-enabled applications can negotiate a privacy layer at the same time. Usually Kerberos is used via an authentication and confidentiality negotiation protocol such as GSSAPI or SASL which includes a way of negotiating a privacy layer. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
