Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!sobeco!jlee
From: jlee@sobeco.com (j.lee)
Newsgroups: comp.unix.admin
Subject: Re: Project Athena
Message-ID: <1991May14.131056.6161@sobeco.com>
Date: 14 May 91 13:10:56 GMT
References: <12049@mentor.cc.purdue.edu> <1991May8.174603.26309@athena.mit.edu> <12067@mentor.cc.purdue.edu> <%M_*_#*@ads.com>
Sender: @sobeco.com
Distribution: na
Organization: Groupe Sobeco, Montreal, Canada
Lines: 34
Nntp-Posting-Host: sobeco.sobeco.com

In <%M_*_#*@ads.com> henry@ADS.COM (Henry Mensch) writes:

>there is nothing of value (i.e., user data, service provision) on a
>workstation in an Athena-style environment. this concept is that of
>the dataless workstation; in this model, your workstation is like a
>public telephone: you authenticate to it (with your Kerberos private
>key/"password" for the workstation; with your calling card or other
>payment method to the public telephone), and you use it. there's
>nothing on the phone which guarantees you privileged access to any
>other phone user's data on the network, and the same goes for the
>Athena workstation.

I have read several of the Kerberos papers, but two questions remain:

(1) Sure, the central servers don't have to trust my workstation, but
I (as an end-user) do. How can I be sure that when I walk up to a
workstation with a login prompt that I can trust the "login" code?
Workstations are NOT like telephones in that they are smart devices
and can easily be reprogrammed.

(2) End-users authenticate themselves by typing in a password. How do
servers authenticate themselves? Is the service password compiled
into the binary, and if so, how do you protect both the binary and the
source?

>you can educate yourself; there are papers available which describe the
>various Athena network services ... FTP to ATHENA-DIST.MIT.EDU ...
>look in the pub directory.

If the answers to these questions really are in the papers, feel free
to tell me so. However, the last time I looked into Kerberos, these
issues were not covered in the papers I read.

Jeff Lee jlee@sobeco.com || jonah@cs.toronto.edu