Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!mcgill-vision!bloom-beacon!snorkelwacker!apple!mips!zaphod.mps.ohio-state.edu!tut.cis.ohio-state.edu!ucbvax!asylum.sf.ca.us!karl
From: karl@asylum.sf.ca.us (Karl Auerbach)
Newsgroups: comp.protocols.iso
Subject: kerberos and the ISO protocol standards
Message-ID: <8912180840.AA09995@asylum.sf.ca.us>
Date: 18 Dec 89 16:40:32 GMT
References: <8912180928.AA07892@rcole.hpl.hp.com>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 68

> You seem to be fairly convinced that standards makers are all
> luddites ...

I am convinced of their sincerity, but not of their competence. I strongly
subscribe to Marshall Rose's notion of "doers" and "goers".

> First, you must realise that having more than one standard for
> anything is as bad as having no standard.

I disagree. It is good to have concise standards that do exactly the job
at hand, not monstrosities that try to solve everything. That's why there
are umpteen standards for screw gauges, strengths, etc. So I can buy
exactly what I need. That's why there are so many different types of
airliners, automobiles, screwdrivers, and medicines.

We will need several authentication standards -- as there need to be
several levels of trust/believability. Third party schemes will be
necessary at times and two party schemes will be necessary at others.
Simple handshakes at the front may be adequate for some, and continuous,
repeated challenges necessary for others.

Since tools tend to be built to do the job intended, the builders will
select among the workable standards for the best for the job. There won't
be the situation you describe where every tool will have to speak every
authentication language. Rather, a tool will talk to its peers who have
(perhaps informally) selected the same security standard.

> Clearly this is expensive and you know who will pay.

This OSI stuff is expensive -- it is damaging real networking, and GOSIP
is going to cost the US and the UK and other nations a major bundle.

The IBM-like "fear, uncertainty, and doubt" that you are trying to cast
on Kerberos (because it is "non standard") is harming people who need
added security TODAY. Give Don Parker at SRI or Jay Blumbecker (sp) in LA
a call to get some numbers about the loss per day because of security
problems in today's systems. The time to reach one, single, perfect
standard is wasting big $$.

> Given that only one standard will be acceptable...

Wrong -- the OSI folks may reach one "standard" under their banner, but
there will be other proposals, for instance Kerberos, and the market will
choose. Take a look at the ANSI or ISO catalogues. You will see hundreds
of standards that didn't make it in the big world.

> 2. from those who want to see the standard somewhat future-proof by
> making the standard more general than any individual application would
> seem to warrant.

I spent nearly ten years in the business of network and operating system
security. I have never seen any evidence that there can be any
all-purpose solution. You are looking for the pot at the end of the
rainbow.

> then there must be compromises.

And that is why there cannot be one security standard. Many people will
have needs which do not comport with the committee's choices.

> I hope you agree that democracy and economics are best served by a
> single standard that meets the perceived needs of the widest
> community.

No I don't. Particularly not for security. Indeed one of the best ways to
get a secure system is to have multiple layers (or "firewalls") using
different security techniques at each layer.

--karl--