Darren.Reed at Sun.COM wrote: > Henry B. Hotz wrote: > >> ... >> If I had my way, any vendor would need to convince me that they have >> solved the KDC robustness problem. I have a hard time imagining a >> vendor being able to make money solving this problem unless the >> market was bigger than just Kerberos servers. > > > > > In the mid 1990s, I was part of a team that designed and deployed > a solution using OTPs and Kerberos with robust KDCs using a set > of packages from a company by the name of "Cybersafe". > > It looks like they're still in that game: > http://www.cybersafe.com/ > > The last time I looked at this, we used some patches from umich.edu > to provide the robustness for MIT Kerberos: > http://www.citi.umich.edu/u/kwc/krb5stuff/replication.html > and made some private hacks to MIT Kerberos to do OTP.
I forgot to add: all of the above has been used by myself, quite successfully, on systems running various releases of Solaris :) Darren
