[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: alternative to user-to-user Kerberos in KINK

To: "Medvinsky, Sasha (SD-EX)" <SMedvinsky@xxxxxx>
Subject: Re: alternative to user-to-user Kerberos in KINK
From: Derek Atkins <warlord@xxxxxxx>
Date: 20 Nov 2000 10:30:24 -0500
Cc: "'Michael Thomas'" <mat@xxxxxxxxx>, "'ietf-kink@xxxxxxxx'" <ietf-kink@xxxxxxxx>
In-reply-to: "Medvinsky, Sasha's message of "Tue, 14 Nov 2000 15:15:12 -0500"
List-archive: <http://www.vpnc.org/ietf-kink/mail-archive/>
List-id: <ietf-kink.vpnc.org>
List-unsubscribe: <mailto:ietf-kink-request@vpnc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-kink@xxxxxxxxxxxxx

"Medvinsky, Sasha (SD-EX)" <SMedvinsky@xxxxxx> writes:

> Also, the client should really have an Access Control List of the servers it
> wants to talk to and would not normally respond to a request from a server
> it doesn't know about.  Even if a client did respond to any such server -
> the KDC has only a limited number of them in its database.

This doesn't make sense in the KINK framework.  KINK is meant as a
peer-to-peer protocol.  You cannot expect a KINK Peer to necessarily
know what other peers to expect to talk to it.  I think you are
applying PacketCable architecture requirements to KINK, in a way that
those requirements do not apply.

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/      PP-ASEL      N1NWH
       warlord@xxxxxxx                        PGP key available

References:
- RE: alternative to user-to-user Kerberos in KINK
  - From: Medvinsky, Sasha (SD-EX)

Prev by Date: RE: alternative to user-to-user Kerberos in KINK
Next by Date: RE: alternative to user-to-user Kerberos in KINK
Previous by thread: RE: alternative to user-to-user Kerberos in KINK
Next by thread: RE: alternative to user-to-user Kerberos in KINK
Index(es):
- Date
- Thread