I think we need to open up some discussion area on how we are going to do fast-paced work vis-a-vis authentication. I read the rfc proposal I saw linked from the front of the site, and as well I saw marking for research in issues area to do research on Kerberos and NTLM but what strikes me here is we are in an area where doing fast authentication crosses proven authentication think. In general, proven authentication approaches run a little slower. To do fast-paced work, I would think some sort of HMAC based approch at sign on because much of the traffic is exposed. It just sorta works out that we would have a wrapper that can run at a stronger authentication level and just drop back to something that maybe is not as strong but follows the typical scenario a’la the pacing discussed in the rfc proposal. Not really a fun place for me to be, but if we are to attain ignition - this will have to be formalized somehow. This is something that could run in the clear. I know from running full-tilt-boogie on large projects your tag has to be droppable, it cannot reveal any useful information.
With all that rambling and buzzword bingo, I didnt quite get the intent of your post. Is there a suggestion or question hidden in all that?
probably thus: http://theory.lcs.mit.edu/~cis/sdsiui/thesis.ps
If that link is 404 try this: http://world.std.com/~cme/html/spki.html
Message was edited by: nicholas_jordan: add link, ps link may not be current.
Well, that thesis from 1997 is a bit dated, and as far as I can tell, is completely unused in the real world. Spark support PKI and Kerberos authentication, and while there are certainly places for improvement in that scheme, Ive not heard of another authentication protocol used that is better than what we are doing now.
Your original post made some vague references about speed- Kerberos and PKI are very fast, and much more secure than any password based system.
I guess Im still at a loss as to what message you are trying to get across here. Is there some special issue you want addressed?
Okay, my hickey. I spent all day yesterday trying to find stuff like that. Can you point me in the right direction?
English is obviously not your strength, I really dont understand what you are asking for. Maybe try posting in your native language and someone can translate?