1995-01-27 - Re: CERT statement
Header Data
From: “Perry E. Metzger” <perry@imsi.com>
To: Marc Horowitz <marc@cam.ov.com>
Message Hash: ca97e0e85312f2272b34749d16fb797a083b0bdd6d7d7ecd33a92e8b15520610
Message ID: <9501270006.AA17831@snark.imsi.com>
Reply To: <9501262142.AA07376@dun-dun-noodles.cam.ov.com>
UTC Datetime: 1995-01-27 00:07:07 UTC
Raw Date: Thu, 26 Jan 95 16:07:07 PST
Raw message
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 16:07:07 PST
To: Marc Horowitz <marc@cam.ov.com>
Subject: Re: CERT statement
In-Reply-To: <9501262142.AA07376@dun-dun-noodles.cam.ov.com>
Message-ID: <9501270006.AA17831@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain
Marc Horowitz says:
> You're exactly right. However, getting people to deploy real security
> systems is nearly impossible. My company sells a kerberos system, and
> although everyone is saying they want security, nobody really
> understands what this means, and as soon as we tell them that it
> actually involves effort, they become far less interested.
Kerberos per se isn't sufficient to defend against session hijacking
attacks, you know. The situation in question is really insidious and
requires packet-by-packet cryptographic authentication.
Perry
Thread
Return to January 1995
- Return to ““Ian Farquhar” <ianf@sydney.sgi.com>”
- Return to “Marc Horowitz <marc@cam.ov.com>”
- Return to ““Perry E. Metzger” <perry@imsi.com>”
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”
- 1995-01-26 (Thu, 26 Jan 95 13:39:44 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:23:19 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 10:50:35 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 11:32:12 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-30 (Sun, 29 Jan 95 16:03:30 PST) - Re: CERT statement - “Ian Farquhar” <ianf@sydney.sgi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>