
Re: interested in discussing some Kerberos improvements

From Nico Williams <nico@cryptonector.com>
Newsgroups comp.protocols.kerberos
Subject Re: interested in discussing some Kerberos improvements
Date 2026-04-02 23:42 -0500
Organization TNet Consulting
Message-ID <mailman.11.1775191345.1813.kerberos@mit.edu>
References (5 earlier) <202603310142.62V1gCdW028597@hedwig.cmf.nrl.navy.mil> <0520e122-01cb-4ecb-81fe-b38cddb744ff@geoffthorpe.net> <87o6k0n6fm.fsf@hope.eyrie.org> <202604030220.6332K860020338@hedwig.cmf.nrl.navy.mil> <ac9FJ99n1xMWq7rU@ubby>



On Thu, Apr 02, 2026 at 10:20:07PM -0400, Ken Hornstein via Kerberos wrote:
> I can think of situations where you might be issued X.509 certificates
> that you would want to use for authentication, rather than a keytab.

Like a TPM.  Just in time to be obsoleted by the move to PQC.

(Though, still, if you treat the public keys as secrets then it can be
safe should we get a CRQC.)

Nico
-- 
