FYI, I've developed a set of patches to add Kerberos5 authentication to OpenSSL 0.9.5a. This is based on the draft RFC by Medvinsky and Hur: draft-ietf-tls-kerb-cipher-suites-03.txt. I also have patches for mod_ssl-2.6.5-1.3.12 and apache_1.3.12 and a few text-based web clients. Proxies can be used to support unmodified web clients (netscape), but it's clunky; if there were a way to plug in direct support it would be much much better. The patch set is available at http://download.sourceforge.net/kssl/ , thanks to the newly liberalized USA export control rules for source code. -- "My company prefers to have that kind of decision made by uninformed executives. We call it "Empowerment". --Dilbert [EMAIL PROTECTED] Vern Staats, ASC/HPTS, WPAFB OH 45433, 937-255-6699x449 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
