Actually, MS extended the standard in a way that didn't break
interoperability with other platforms without the extension. I'm no
apologist for MS, but they took a bum rap on this one.

Their extensions pertained only to windows. The existance of the additional
information in no way made them incompatible with any other implementation
of the standard. Other implementations could not use the extensions, but
there presence did not cause anyone to break. Since the extensions were
related to a widows UID and GUID the information would not be useful on
non-Windows systems anyway.

Patrick Botz
Senior Technical Staff Member
eServer Security Architect
(507) 253-0917, T/L 553-0917
email: botz@xxxxxxxxxx



                                                                           
             James Rich                                                    
             <james@xxxxxxxxxx                                             
             m>                                                         To 
             Sent by:                  Midrange Systems Technical          
             midrange-l-bounce         Discussion                          
             s@xxxxxxxxxxxx            <midrange-l@xxxxxxxxxxxx>           
                                                                        cc 
                                                                           
             03/22/2004 11:58                                      Subject 
             AM                        RE: SSO and Novell -- was EIM       
                                                                           
                                                                           
             Please respond to                                             
             Midrange Systems                                              
                 Technical                                                 
                Discussion                                                 
                                                                           
                                                                           




On Fri, 19 Mar 2004, jt wrote:

> | (which for windows 2k/3k domains is
> | something called Kerberos)
>
> Huh...  And I thought Kerberos was IBM tech.  I mean, I gather it's some
> kind-a semi-standard, but somehow I thought it mainly came outta IBM
labs.
> No matter, other than I saw it is used in MS Passport, which is something
> I'm Extremely leary of.

As already pointed out, Kerberos is a standard and was developed at MIT.
When Microsoft adopted it, they (in usual MS fashion) broke the standard
in such a way that MS products could only communicate with other MS
products.  Needless to say this made a lot of people really mad.  I
believe that later MS fixed their broken implementation but I'm not sure.

James Rich






As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.