jon@bitsy.mit.edu (Jon Rochlis) (01/27/89)
What is Kerberos and why is it needed?
In an open network computing environment a workstation cannot be
trusted to identify its users correctly to network services. Software
on the workstations may not be trustworthly, so being a privileged user
on a workstation is not a meaningful test of authenticity. Source
network addresses are so easily forged that they are are meaningful
either. Passwords sent uncrypted on the network are vulnerable to
wiretappers. Kerberos provides an alternative approach whereby a
trusted third-party encryption-based authentication service is used to
verify users' identities. Much more information is available with the
documentation (see below).
How to get it:
The first public release of the Kerberos Authentication System is ready
for retrieval. Initial distribution will be by anonymous
FTP; eventually 9-track tapes will be available.
To retrieve the distribution, ftp to ATHENA-DIST.MIT.EDU (18.71.0.38),
login as anonymous (password whatever you like, usually your
username@host), then cd to pub/kerberos.
Retrieve README.ftp, it has directions on how to get to the rest of the
software.
Distribution is split compressed tar files (xxx.Z.aa, xxx.Z.ab, ...).
If you would like to retrieve documents separately, you can get them
from pub/kerberos/doc (documents) or pub/kerberos/man (manual pages).
If you prefer hardcopy of the documentation, send your address and request
to "info-kerberos@athena.mit.edu".
If you would like to be put on the Kerberos e-mail list
("kerberos@athena.mit.edu"), send your request to
"kerberos-request@athena.mit.edu".
I would like to thank the following people for their assistance in
getting Kerberos in shape for release:
Andrew Borthwick-Leslie
Bill Bryant
Doug Church
Rob French
Dan Geer
Andrew Greene
Ken Raeburn
Jon Rochlis
Mike Shanzer
Bill Sommerfeld
Jennifer Steiner
Win Treese
Stan Zanarotti
FYI, the copyright notice:
Copyright (C) 1989 by the Massachusetts Institute of Technology
Export of this software from the United States of America is assumed
to require a specific license from the United States Government.
It is the responsibility of any person or organization contemplating
export to obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
this software and its documentation for any purpose and without fee is
hereby granted, provided that the above copyright notice appear in all
copies and that both that copyright notice and this permission notice
appear in supporting documentation, and that the name of M.I.T. not be
used in advertising or publicity pertaining to distribution of the
software without specific, written prior permission. M.I.T. makes no
representations about the suitability of this software for any
purpose. It is provided "as is" without express or implied warranty.
The Kerberos specific papers are:
Kerberos: An Authenication Severice for Open Network Systems by
Steiner, Neuman, and Schiller. In the Winter 1988 Usenix Proceedings.
Kerberos Authentication and Authorization System by Miller, Neuman,
Schiller, and Saltzer. Section E.2.1 of the MIT Project Athena
Technical Plan.