> Benjamin Kaduk <[hidden email]> writes:
>> The core Kerberos protocol itself is pretty well-analyzed, and unlikely
>> to have been backdoored. There could potentially be issues with the
>> crypto primitives used by a particular Kerberos implementation or
>> encryption type (e.g., PRNG, block cipher, and hash function), but such
>> issues would have much broader consequences than just Kerberos. AES is
>> probably fine, but, say, the md4 hash function used in arcfour-hmac's
>> string-to-key is not so good, and as mentioned already RFC 6649
>> deprecates some weak enctypes.
> With Kerberos, it's always worth being aware that it's a trusted central
> authentication system.
Isn't there a distributed version of Kerberos 5 which avoids this problem?
Wang Shouhua - [hidden email] Ministry of Science and Technology of the People's Republic of China - HTTP://WWW.MOST.GOV.CN