Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!decwrl!shelby!JUNE.CS.WASHINGTON.EDU!bcn
From: bcn@JUNE.CS.WASHINGTON.EDU (Clifford Neuman)
Newsgroups: comp.protocols.kerberos
Subject: using kerberos for secure mail
Message-ID: <8903311619.AA08144@june.cs.washington.edu>
Date: 31 Mar 89 16:19:22 GMT
References:
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 18

The existing Kerberos protocol can be used to securely pass encryption keys for secured mail messages without requiring the recipient to be logged in at the time the message is sent. The recipient of a message can choose the maximum clock skew allowed. Thus, someone sending a message could obtain a ticket for the recipient, encrypt the message in the session key, and pass the ticket along with the encrypted message. The main drawback for this scheme is that the recipient of the message would have to enter his key (password) in order to decrypt the message.

The way you are looking to do things, the recipient would maintain a "cookie" that is transferred to the sender which could then generate the encrypted messages autonomously (Actually, it would still be necessary for the sender to send this cookie to the KDC). In this case, you are assuming that this "cookie" contains a long lived key. How are you going to protect that key?

~ Cliff
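The ticket-based scheme sketched in the post, written out as an added example (not code from the post or from any Kerberos implementation): the KDC seals a fresh session key inside a ticket encrypted under the recipient's long-term key, the sender encrypts the mail body under that session key and mails ticket plus body, and the recipient, whenever they next log in and supply their key, opens the ticket, applies the clock-skew and lifetime check of their choosing, and decrypts the body. Everything below is simplified and assumed: the ticket is a JSON record rather than the real Kerberos V4 ticket layout, the cipher is an HMAC-SHA256 counter-mode construction with a separate MAC standing in for the DES that Kerberos used (chosen so the example needs only the Python standard library), and the KDC hands the session key straight back to the sender instead of wrapping it under the sender's own key.

```python
import hashlib
import hmac
import json
import os
import time


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive independent encryption and MAC keys from one principal/session key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter mode built from HMAC-SHA256; a stand-in for DES, not what Kerberos uses.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce(16) || ciphertext || tag(32)."""
    nonce = os.urandom(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; raises ValueError on tampering or wrong key."""
    if len(blob) < 48:
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


class KDC:
    """Holds every principal's long-term key, as the Kerberos KDC does (constructed toy)."""

    def __init__(self, keys: dict):
        self.keys = dict(keys)

    def issue_ticket(self, client: str, server: str, lifetime: float, now: float = None):
        """Return (ticket sealed under the server's key, session key for the client)."""
        now = time.time() if now is None else now
        session_key = os.urandom(32)
        ticket = {
            "client": client,
            "server": server,
            "session_key": session_key.hex(),
            "issued": now,
            "lifetime": lifetime,
        }
        sealed = encrypt(self.keys[server], json.dumps(ticket).encode())
        return sealed, session_key


def send_mail(kdc: KDC, sender: str, recipient: str, body: bytes,
              lifetime: float = 8 * 3600, now: float = None) -> dict:
    """Sender side: get a ticket for the recipient, encrypt the body under the session key."""
    ticket, session_key = kdc.issue_ticket(sender, recipient, lifetime, now)
    return {"ticket": ticket, "body": encrypt(session_key, body)}


def receive_mail(message: dict, recipient: str, recipient_key: bytes,
                 max_skew: float, now: float = None):
    """Recipient side, run whenever they log in: open the ticket with their own key,
    apply the clock-skew policy they chose, then decrypt the body. Returns (sender, body)."""
    now = time.time() if now is None else now
    ticket = json.loads(decrypt(recipient_key, message["ticket"]))
    if ticket["server"] != recipient:
        raise ValueError("ticket was issued for a different principal")
    if ticket["issued"] > now + max_skew:
        raise ValueError("ticket issued too far in the future for the allowed skew")
    if now > ticket["issued"] + ticket["lifetime"] + max_skew:
        raise ValueError("ticket expired")
    body = decrypt(bytes.fromhex(ticket["session_key"]), message["body"])
    return ticket["client"], body
```

Because the ticket is sealed under the recipient's long-term key, the recipient has to present that key (their password) to read the mail, which is exactly the drawback the post names; and because the body is authenticated as well as encrypted, a mail altered in transit or a ticket issued for someone else is rejected rather than silently decrypted to garbage.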