NESSETT@CCC.NMFECC.GOV (12/19/89)
The argument whether a cost of $12.50/user/year is significant when comparing the relative benefits of Kerberos and an X.500 based approach actually turns on more basic considerations than the costs of the security mechanism per se. The question is what proportion of the overall system cost the per-certificate cost represents. A computer center supporting a user population of about 2,000 would probably have a budget of about $30 million/year. Given that large computers are becoming less economically attractive, let's cut this number in half and say you can support a user population of 2,000 on $15 million per year. That works out to about $7,500 per user per year. This is total system cost including hardware, software support, staff salaries, plant, administration, etc. Let's be real conservative and say a minimum computing environment can be sustained with a per-user cost of $5,000 per year. Given such cost figures, what is the overall impact of $12.50/user/year?

If the X.500 solution to authentication has major technical advantages (as Jon Rochlis suggests), it would seem prudent to employ it. Even a marginal cost argument must take into account the impact of decreased interoperability when a non-standard authentication mechanism is employed. Given that the certificate approach has major technical advantages, isn't the burden of proof on the Kerberos people to show that the cost savings outweigh the significant costs of decreased interoperability? Perhaps even more pertinent is the fact that sites adopting Kerberos will probably have to support both it and X.500, since the latter is an integral part of the ISO protocol standards milieu.

Dan Nessett
mts@TERMINATOR.CC.UMICH.EDU (Michael T. Stolarchuk) (12/19/89)
I'm surprised to hear X.509 is already in the same stage of development as Kerberos. When do we get our 'free' copy of the source code to integrate into our Unix sources? Is it written in C? Does it use ASN.1? Is it integrated into printing services already? Pretty neat.

At our institution we have about 20,000 accounts we will have to migrate. When, at some point, we decide to migrate to some other mechanism for accounts, that would be $12.5 * 20,000 -> 240,000. When we go to administration and really compare two systems and ask for money to support a centralized support mechanism for authentication... Besides, aren't there standards that are never used?

mts. the snail. I'm on Jeff's side.
tytso@ATHENA.MIT.EDU (Theodore Ts'o) (12/19/89)
> Date: Mon, 18 Dec 89 12:14:03 PST
> From: NESSETT@CCC.NMFECC.GOV
> Comment: From NESSETT@CCC.MFENET on December 18, 1989 at 12:14 PST
>
> Even a marginal cost argument must take into account the impact of decreased interoperability when a non-standard authentication mechanism is employed. Given that the certificate approach has major technical advantages.....

This may not be the right list to be debating the pros and cons of the certificate approach; if so, please respond via personal mail. However, I don't see how it's obvious that the certificate approach has "major technical advantages." For example, Jeff's point that Kerberos provides a much easier way to revoke authentication privileges --- just change the password! Could you detail the "obvious technical advantages"? Thanks!

- Ted
ittai@SHEMESH.GBA.NYU.EDU (Ittai Hershman) (12/19/89)
> ... A computer center supporting a user population of
> about 2,000 would probably have a budget of about $30 million/year.

As a computer center manager I find this number hard to believe. In terms of operating budget, I think one to two million dollars/year is more than adequate for 2000 users -- about 50% of that goes for wages and salaries of support staff. Maybe in the industrial-military complex $30 mil is budgeted :-).

-Ittai
bin@primate.wisc.edu (Brain in Neutral) (12/19/89)
From article <891218121403.22200126@CCC.NMFECC.GOV>, by NESSETT@CCC.NMFECC.GOV:
> ...A computer center supporting a user population of about 2,000 would
> probably have a budget of about $30 million/year. Given that
> large computers are becoming less economically attractive, let's cut this
> number in half and say you can support a user population of 2,000 on $15
> million per year. That works out to about $7,500 per user per year. This is
> total system cost including hardware, software support, staff salaries, plant,
> administration, etc. Let's be real conservative and say a minimum computing
> environment can be sustained with a per user cost of $5,000 per year.

Hmm, I support ~100 users on a staff of one (me) and my budget is (easily) less than $100K/year. That's < $1000/user/year. $12.50/user/year for certificates means I'd be spending over 1 percent of my budget *just for authorization*. No thanks.

Paul DuBois
dubois@primate.wisc.edu
karl@cheops.cis.ohio-state.edu (Karl Kleinpaste) (12/20/89)
nessett@ccc.nmfecc.gov writes:
> A computer center supporting a user population of about 2,000 would
> probably have a budget of about $30 million/year.
Surely you jest - you missed by two orders of magnitude.
I just checked the budgetary figures for this department. "wc -l
/etc/passwd" returns 2302. This fiscal year's support budget for this
~2000 user base is ~$234,000 for actual system costs (hardware,
software, phones/modems, etc) and about twice that (estimated) for
staff support, mostly salaries. Call it $750,000 for round numbers.
Now you want us to add 3.6% to that budget (~$27,500) just to get
authorization.
That's just this department. Multiply by 30 for the rest of the
university: you're pushing hard for $1M.
It won't even be considered.
jon@MIT.EDU (Jon A. Rochlis) (12/20/89)
> $12.50/user/year for certificates means I'd be spending over 1 percent of my budget *just for authorization*.

It's even worse. All you're sure of getting is "authentication" (i.e. you know who you're talking to), but not necessarily "authorization" (i.e. what you are allowed to do). You might get authorization by using certificates as capabilities, but X.509 does not address such uses. All you can count on for "sure" is authentication. If you only get authentication you still need another system for managing your authorization information (e.g. Athena's Moira Service Management System).

-- Jon