Date: Fri, 7 Dec 2001 08:53:41 -0800 (PST) From: "Jason C. Wells" <jcwells@highperformance.net> To: j mckitrick <jcm@FreeBSD-uk.eu.org> Cc: freebsd-chat@FreeBSD.ORG Subject: Re: Can someone explain the Passport/Kerberos connection? Message-ID: <Pine.BSF.4.21.0112070845570.23467-100000@server.highperformance.net> In-Reply-To: <20011207161949.B48707@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 7 Dec 2001, j mckitrick wrote: > I have a basic understanding how Kerberos works, with tickets, > encryption, and authentication. I guess my real question is how is this > implemented in http? How does Passport use it to lock an identity to > one session on a browser somewhere? Got a URL? I am slowly working on my Kerberos knowledge these days. I would venture that it is just like any other kerberized app except that it somehow supports the non-persistent http connection. It might use the tickets to reauthenticate with each new GET or it might put an expiration time on a session. One would be more secure. The latter would use less overhead. I would also guess that Kerberos is used for authentication only since SSL is well supported for encrypting network traffic in web servers. Later, Jason C. Wells To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0112070845570.23467-100000>