jyg@BETA.LANL.GOV (John Greer) (04/05/91)
Someone from Security Dynamics claims the version 5 of Kerberos has "hooks" built in that allows the use of smartcard with Kerberos. Is this true? John Greer Los Alamos National Laboratory
tytso@ATHENA.MIT.EDU (Theodore Ts'o) (04/06/91)
Date: Thu, 4 Apr 91 15:25:06 -0700 From: jyg@beta.lanl.gov (John Greer) Someone from Security Dynamics claims the version 5 of Kerberos has "hooks" built in that allows the use of smartcard with Kerberos. Is this true? Well, yes and no. The protocol specification of Kerberos V5 makes it possible that a smart card system could be integrated with Kerberos V5 authentication. However, as far as I know, no one has written the code to actually do this. Certainly the MIT implementation (which will be released to the public when it enters beta-test) has no "hooks" in the code to support Security Dynamic's smartcards. - Ted
bcn@CS.WASHINGTON.EDU (Clifford Neuman) (04/08/91)
The protocol includes two fields (pre-authentication data) that may be used to add support for smart cards. There are several different smart cards that are in existence, and the way that these fields are to be used is likely to be different for each kind of smart card. We are willing to work with anyone wanting to add support for their particular smartcard mechanism, but at the moment we have not done so. ~ Cliff