[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Network nirvana [Re: Since Fedora is not aimed at enterpise/business..]

From: Chris Ricker <kaboom gatech edu>
To: fedora-devel-list redhat com
Subject: Re: Network nirvana [Re: Since Fedora is not aimed at enterpise/business..]
Date: Wed, 1 Oct 2003 15:13:20 -0600 (MDT)

On Wed, 1 Oct 2003, Owen Taylor wrote:

> That may be the case currently, but why does it have to be that
> way? What we are talking about is fundamentally pretty simple:
> 
>  - Central user database
>  - Single sign-on passwords
>  - Secure network exported home dirs 

There's your problem. Secure distributed single sign-on protocols (like
krb5) are NOT simple. Sure, more documentation is needed (there's only one
in-print Kerberos book, and it doesn't really say a whole lot, for example)
but documentation only gets you so far.... krb is inherently more involved
to set up or trouble-shoot than, say, NIS, and that's not really changeable
given krb's architecture (and any replacement protocol will likely have to
be just as complex, given everything a secure distributed authentication
protocol has to protect against).

later,
chris

Follow-Ups:
- Re: Network nirvana [Re: Since Fedora is not aimed atenterpise/business ..]
  - From: Owen Taylor

References:
- Re: Network nirvana [Re: Since Fedora is not aimed at enterpise/business..]
  - From: Chuck Wolber
- Re: Network nirvana [Re: Since Fedora is not aimed atenterpise/business ..]
  - From: Owen Taylor

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]