Talk:Kerberos

	Main Article	Discussion	Related Articles  [?]	Bibliography  [?]	External Links  [?]	Citable Version  [?]
	To learn how to update the categories for this article, see here. To update categories, edit the metadata template.  Definition:  A protocol using a central server to provide two clients with a shared session key, without either client having to publish a public key. [d] [e] Checklist and Archives  Workgroup category:  Computers [Categories OK]  Subgroup category:  Security  Talk Archive:  none  English language variant:  American English Unused subpages  Unused subpages:  - Bibliography - External Links - Works - Discography - Filmography - Catalogs - Timelines - Gallery - Audio - Video - Code - Tutorials - Student Level - Signed Articles - Function - Addendum - Debate Guide - Advanced - Recipes - Citable Version

I just changed the definition to reflect what I think are the key points about this protocol. I'm not an expert in Kerberos, but it looks to me like it has no advantage over a public-key system, and a few serious disadvantages. I'm thinking of adding to the article something like the following paragraph, but I would like to get some feedback first.

Kerberos has largely been replaced by public-key systems. Both have the objective of providing a secret session key to allow encrypted communications between two clients. Both need a central server, one to distribute public keys for each client, the other to hold secret keys for each client. The server with secret keys for all clients must be very secure, much more than is required for the server holding only the public keys of all clients.

See http://en.wikipedia.org/wiki/Kerberos_(protocol)#Drawbacks for more on the disadvantages of Kerberos.

"Authentication Protocols", section 8.3 in Peterson & Davie, Computer Networks, 4th ed. (Morgan Kaufmann, 2007).
"Authentication Protocols", section 8.7 in Tanenbaum, Computer Networks, 4th ed. (Prentice Hall, 2003).
"Authentication and Authorization Controls", R. Bragg, chapter 6 in Network Security: The Complete Reference (McGraw-Hill, 2004).
--David MacQuigg 17:12, 25 November 2009 (UTC)

I think the suggested text above is wrong. For one thing, newer versions of Kerberos do use public key techniques, see for example RFC 4556. For another, it has not "largely been replaced"; it is still extremely widely deployed. As far as I know it is still the basic mechanism used in Windows network authentication.

That said, you are raising valid points. Kerberos has limitations and there are alternatives; both need to be covered. Sandy Harris 10:07, 26 November 2009 (UTC)

I read the introduction to RFC-4556, and it is not clear to me why anyone would want to add a public-key step to an already too-complex protocol. The goal is to provide a secure session key to two parties using an insecure network. That can be done directly, using public keys only, without requiring either party to reveal its secret key. PGP does it this way.

"Largely replaced" may be the wrong choice of words. Microsoft alone would qualify it as "widely deployed". I see that it is not included in Thunderbird (the most popular email client in the open-source community) or in Apple's mail client. Are there any major deployments outside of the Microsoft world?

Maybe we should just say Kerberos has no fundamental advantage over a public-key system, and a few serious disadvantages (listed in the Wikipedia article). This is the kind of fundamental summary information we need in a CZ article, information that is *not* in the textbooks or RFCs. --David MacQuigg 12:49, 26 November 2009 (UTC)