Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!asylum.sf.ca.us!karl
From: karl@asylum.sf.ca.us (Karl Auerbach)
Newsgroups: comp.protocols.iso
Subject: kerberos and the ISO protocol standards
Message-ID: <8912150831.AA21377@asylum.sf.ca.us>
Date: 15 Dec 89 16:31:53 GMT
References: <8912141730.AA06149@rcole.hpl.hp.com>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 22

> I would like to stress that the Kerberos people have a lot of
> experience to offer the standards activities. I would also like to
> stress that NO ONE should be niave about submitting an existing system
> and expecting it to be accepted as a standard without change.

It is too bad that the "standards" efforts going on in the
communications area are not codifying tried-and-true experience --
which I assert is the proper and correct role of "standards" activity.
Instead it seems that the so-called standards groups insist on
performing reasearch.

What is wrong with "standardizing" Kerberos?  A standard only provides
a clear statement of the workings and interfaces of a mechanism -- it
is not an endorsement that it is the best way to solve a problem.  If
two people then chose to use it, they then have a common frame of
refererence.  And they will be able to get on with whatever larger job
they have at hand.

Again, I believe that the "standards" groups are suffering from a very
serious, and very expensive case of "not invented here".

				--karl--