On Wed, 2008-08-20 at 08:59 +0200, Jonathan Dickinson wrote: > This may be a really stupid idea. Any way we could use Kerberos?
It might be possible for users in the same Kerberos realm, or in two realms which trust each other, to authenticate and create a security context. It might even be possible to do that over TLS. For the most part, I think such a solution would only help users who are already served well by channel encryption (i.e. people within the same organization).
