Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!usc!zaphod.mps.ohio-state.edu!wuarchive!decwrl!orc!bbn!bbn.com!craig
From: craig@bbn.com (Craig Partridge)
Newsgroups: comp.protocols.iso
Subject: re: costs of kerberos and X.500
Message-ID: <49917@bbn.COM>
Date: 19 Dec 89 18:26:40 GMT
Sender: news@bbn.COM
Reply-To: craig@BBN.COM (Craig Partridge)
Organization: Bolt Beranek and Newman Inc., Cambridge MA
Lines: 31


> The argument whether a cost of $12.50/user/year is significant when comparing
> the relative benefits of kerberos and a X.500 based approach actually turns on
> more basic considerations than the costs of the security mechanism per se.
> The question is what proportion of the overall system cost does the per
> certificate cost represent.....  
> ... Let's be real conservative and say a minimum computing
> environment can be sustained with a per user cost of $5,000 per year.
> 
> Given such cost figures, what is the overall impact of $12.50/user/year?

Dan:

    I think your logic is faulty here.

    The true cost of that certificate is probably > $100.  12.50 plus
a couple of labor hours of managing that certificate.

    To take a standard bureaucratic situation.  That certificate has to
be requisitions, a check has to be cut, the certificate has to be received,
it has to be filed (it is a valuable enough to keep track of) and I have
to be told what it is.  My company isn't this bad, but lots of places are.

    Purchasing things in a corporate world can often cost a lot more than
the price tag on the thing you buy.

    So we're now talking a 2% budget hit for your computer center costs.
Big enough for someone to notice, although perhaps not big enough for them
to care.

Craig