1994-03-06 - No Subject

Header Data

From: rishab@dxm.ernet.in
To: cypherpunks@toad.com
Message Hash: 3cb59b2c38af6ebf1209783d12233a7a31f2b146b5a9ac15b580cd3588e15443
Message ID: <gate.7m7qic1w165w@dxm.ernet.in>
Reply To: N/A
UTC Datetime: 1994-03-06 09:11:34 UTC
Raw Date: Sun, 6 Mar 94 01:11:34 PST

Raw message

From: rishab@dxm.ernet.in
Date: Sun, 6 Mar 94 01:11:34 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <gate.7m7qic1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Everyone's talking about encrypted telnet. Has anyone at least READ the
Kerberos FAQ? It's been in use for a while, and, to quote...

> Kerberos is a network authentication system for use on physically
> insecure networks, based on the key distribution model presented by
> Needham and Schroeder.[3] It allows entities communicating over
> networks to prove their identity to each other while preventing
> eavesdropping or replay attacks.  It also provides for data stream
> integrity (detection of modification) and secrecy (preventing
> unauthorized reading) using cryptography systems such as DES.

> Practically speaking, Kerberos is mostly used in application-level
> protocols (ISO model level 7), such as TELNET or FTP, to provide user
> to host security.  It is also used, though less frequently, as the
> implicit authentication system of data stream (such as SOCK_STREAM) or
> RPC mechanisms (ISO model level 6).  It could also be used at a lower
> level for host to host security, in protocols like IP, UDP, or TCP

Being more 'official' than PGP, only a totally export-safe version has
got out to ftp.funet.fi.  Of course, it could be possible to patch PGP or
something else into Bones, as the non-encrypting Kerberos is called. 

> An experimental Telnet Authentication Option has been
> defined, and is described in RFC1416. (see also RFC1411).
> These RFC's only define how
> /authentication/ is to be performed; the standard for full encryption
> is still under development.

> An implementation of Kerberos V4 telnet is available via anonymous ftp
> from ftp.uu.net, in /networking/telnet.91.03.25.tar.Z, but it predates

> The IETF Common Authentication Technology Working Group is
> currently defining security extensions for the FTP protocol.  An
> Internet Draft describing their work, and the source code for a
> modified ftp/ftpd with the extensions, are now available
>         thumper.bellcore.com:pub/lunt/ftp.tar.Z
>         net-dist.mit.edu:tytso/ftp-wg/ftp.tar.Z

-----------------------------------------------------------------------
Rishab Aiyer Ghosh                            "What is civilisation
rishab@doe.ernet.in, rishab@dxm.ernet.in        but a ribonucleic
Voicemail +91 11 3760335; Vox/Fax/Data 6853410      hangover?"
H-34C Saket New Delhi 110017 INDIA
-----------------------------------------------------------------------




