Servers, sockets & security
Sandeep Mehta
SandeepMehta at bebop
Thu Jul 27 22:18:20 AEST 1989
In article <2293 at auspex.auspex.com>, guy at auspex (Guy Harris) writes:
>
>Another way might be to use some mechanism such as Kerberos, and require
>the client to provide some sort of validated cookie to prove who they
>are.
Yup, using a proven authentication protocol, such as Kerberos, seems to
me to be the best way to go. Using an encrypted key you can do correct
authentication in at least 4 or more encryptions+decryptions. Kerberos
reaches authentication at the cost of synced clocks (if clients/servers
are across machine boundaries) because it is time-stamp based. I don't
know the performance degradations of using correct authentication in
your application but with >= 4 encrypts+decrypts it's probably
non-trivial.
sandeep
--
Sandeep Mehta ...to be or not to bop ?
uunet!philabs!bebop!sxm sxm at philabs.philips.com
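
The clock dependence mentioned in the post above, as an added example that is not part of the original message and is not Kerberos code: a server checks a timestamped authenticator against a skew window and a replay cache. It assumes an HMAC over the name and timestamp as a stand-in for Kerberos's encrypted authenticator, a 300-second window (the MIT Kerberos default), and constructed names, keys and clock values.

```python
import hashlib
import hmac

MAX_SKEW = 300  # seconds; assumed window (MIT Kerberos defaults to five minutes)


def make_authenticator(key: bytes, client: str, client_clock: int) -> tuple:
    """Client side: bind the client's name to its own clock reading."""
    msg = f"{client}|{client_clock}".encode()
    return client, client_clock, hmac.new(key, msg, hashlib.sha256).hexdigest()


class Server:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # replay cache: (client, timestamp) -> timestamp

    def verify(self, auth: tuple, server_clock: int) -> str:
        client, ts, tag = auth
        msg = f"{client}|{ts}".encode()
        expected = hmac.new(self.key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return "bad-key"
        # A correct key is not enough: the timestamp must be near the server's clock.
        if abs(server_clock - ts) > MAX_SKEW:
            return "clock-skew"
        # Entries older than the window can be dropped; the skew check rejects them anyway.
        self.seen = {k: t for k, t in self.seen.items()
                     if abs(server_clock - t) <= MAX_SKEW}
        if (client, ts) in self.seen:
            return "replay"
        self.seen[(client, ts)] = ts
        return "ok"


def demo() -> list:
    key = b"constructed-session-key"   # constructed sample key
    srv = Server(key)
    now = 1_000_000                     # constructed server clock value
    fresh = make_authenticator(key, "alice", now - 2)
    drifted = make_authenticator(key, "alice", now - 600)  # client clock 10 min off
    forged = make_authenticator(b"wrong-key", "alice", now)
    return [srv.verify(fresh, now), srv.verify(fresh, now + 1),
            srv.verify(drifted, now), srv.verify(forged, now)]


if __name__ == "__main__":
    print(demo())
```

The third result is the cost described in the post: a legitimate client holding the right key is still refused when its clock has drifted past the window.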