[comp.protocols.kerberos] Implications for Kerberos export

lawrence@s47.Prime.COM (Scott Lawrence) (06/23/89)

Those of us who are considering incorporating Kerberos into commercial
products are less concerned with the problems of exporting source.  For our
purposes a binary distribution with the restricted entry points concealed will
do quite well most of the time.

Assuming that the next release will include support for multiple encryption
algorithms, we can even leave in the privacy routines but use an exportable
(presumably weaker) algorithm for privacy while continuing to use DES for the
integrity and authentication functions.

I suspect that careful design can even get around the password changing
problem; the concern is with the ability to encrypt arbitrary data - a
password value does not represent a very wide channel.

As for the suggestion that the protocol could be redesigned to use only one-way
encryption, it probably would solve even the source distribution problem.  So
long as only the operations 'encrypt' and 'encrypt and compare' are provided
and 'decrypt' is not - anything goes (at least that was the clear implication;
take your own chances).

---
Scott Lawrence             | Internet: lawrence@s47.Prime.COM
Communications Engineering | Usenet: {sun,decvax}!cvbnet!s47.Prime.COM!lawrence
Prime Computer, Inc.       | Phone: [508] 879-2960 Voice: x3704 Fax: x3901