[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kerberos and Hesiod?



>     Gag. If anything I'd take the GSS sunrpc foo and "gss-ize" nis+, but
there's
>     not a free nis+ server just yet
>  
>  Note that NIS+ isn't much more secure that Hesiod.  Sun's "Secure RPC"
>  uses a Diffie Helmann generator that was broken well over eight years
>  ago at this point.  (And they couldn't change the D-H generator without
>  breaking huge amounts of deployed software, so to my knowledge they
>  never did.)

The implication in this case being not to really use NIS+ but to use the GSS
rpc foo instead, and to encrypt the data whenever possible, rather than using
anything currently available.

-D



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []