Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!wuarchive!zaphod.mps.ohio-state.edu!tut.cis.ohio-state.edu!ucbvax!LCS.MIT.EDU!jtw
From: jtw@LCS.MIT.EDU (John Wroclawski)
Newsgroups: comp.protocols.iso
Subject: kerberos and the ISO protocol standards
Message-ID: <8912181547.aa09441@mintaka.lcs.mit.edu>
Date: 18 Dec 89 20:47:21 GMT
References: <891213123229.5280012c@CCC.NMFECC.GOV>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 33


   Date:	  Wed, 13 Dec 89 12:32:29 PST
   From:     NESSETT@ccc.nmfecc.gov
   Comment: From NESSETT@CCC.MFENET on December 13, 1989 at 12:32 PST

   [Lots of quotes removed]

   In the case of security in distributed systems, there is already a
   standard that provides a foundation upon which can be built systems
   with the functionality of kerberos.  This is the X.509 standard, which
   forms part of the X.500 directory service standard, and which uses
   public-key encryption to sign 'certificates' binding a user's name
   with a public-key.  Implementations of X.509 are in approximately the
   same stage of development as kerberos, although slightly behind.

   While the developers of kerberos are to be congratulated for their
   industry and appreciation of the significance of the distributed
   systems security problem, the certificate approach is much more likely
   than kerberos to be used in ISO standards.

It is somewhat interesting in the context of this ongoing attempt to
justify protocol development in the guise of standardization to note
that X.509 has recently been shown to have at least two "weaknesses"
which were presumably not anticipated by the authors (See Burrows,
Abadi, and Needham, "A Logic of Authentication", in Proceedings of the
12th ACM Symposium on Operating System Principles).

This sort of thing seemed to happen less back in the days when
standards were derived from existing widely accepted and well
understood designs, rather than being created from scratch...

  John Wroclawski
  MIT Lab for Computer Science