[OpenAFS] why kerberos only works in monolithic organizations

Russ Allbery rra@stanford.edu
Fri, 30 Dec 2005 10:12:56 -0800

Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:

> In theory you don't need to encrypt the CA certificate, but you should
> verify it's integrity somehow.  This is one of the places where PKI
> tends to cheat; it works great in the usual case where web browsers have
> a standard list of CAs that they accept.

For values of great equal to "trusting a bunch of commercial CAs proven to
be willing to hand out signed certificates to random people with only a
minimum of identification."  I definitely would not trust, say, Verisign
to do identity management properly.  They're more interested in making

> While I agree it removes the need to share a _secret_, they still need
> to have some sort of trust relationship that should in theory involve
> some out-of-band initialization.  At the end of the day, I don't see
> this fundamentally easier than the initialization that Kerberos does.


Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>