26 Apr
2001
26 Apr
'01
11:43
Probelm I have heard with kerberos so far is the lack of documentation. COuld you point me to some? I would really love to implement it. On Wed, 25 Apr 2001, Kurt Seifried wrote:
NIS/NIS+/LDAP are all about the same unless you are SSL enabling all your LDAP stuff in which case it can be a good deal safer. Of course that means you have to do some SSL rollout of certs properly or an attacker can spoof/man in the middle/etc. If you want some real security I'd reccomend Kerberos. It's very non-trivial however (but worth it for sufficiently large/paranoid organizations).
Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net