In the long run the Kerberos password is a problem because the human brain does not obey Moore's law. As I see it the solution is to use some form of two-factor authentication for the initial ticket exchange.

So what options are there in that space?

AFAIK none --- with the standard open source servers. There are patches available for MIT to support CRYPTOcard and SecurID. There are patches available for Heimdal to support X509 certificates (PKINIT).

Anything else out there?

While I'm on the subject, let me throw out an idea: smart card authentication that requires an existing tgt to authenticate. The user first gets an ordinary tgt for [EMAIL PROTECTED] Then (s)he uses that tgt in conjunction with the smart card (IF details unspecified) to acquire a tgt for either smith/[EMAIL PROTECTED], or [EMAIL PROTECTED] This isn't the forum to discuss a new proposal, but maybe someone knows of something?
----------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
[EMAIL PROTECTED], or [EMAIL PROTECTED]


________________________________________________
Kerberos mailing list           [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
