Re: [Evolution] SMTP AUTH and Evo

GSSAPI is what provides Kerberos V, yes?
No, Kerberos V provides Kerberos V.

It Cyrus IMAPd, OpenLDAP, PHP, and Samba; Kerberos V *IS* provided via 
GSS.  "gssapi.h" is found under  /usr/kerberos/include/gssapi/.  But I
don't know if there is another -direct- API that can be used.  I only
use Kerberos V not develope on it

I've asked about this on the
list a couple of times.  I've seen other people ask about it.  Kerberos
networks are hardly rare, and becoming more common.
I'd dispute that. I would assert that Kerberos is an outdated system
from the beginning of time that is rapidly being overtaken by more
recent technology. And I know, because I have to know how to configure
and use it.

I'll have to flat out disagree. Windows 2000, XP, and Active Directory
*finally* brought Kerberos V to the M$ platform.  It is the ONLY
authentication method supported by an AD "domain" (mixed mode aside). 
Don't see how  that makes it outdated.  And I certainly don't see
anything standing in line to compete with it.  It is the ONLY
single-sign-on technology I've ever encountered that actually works.

Linux boxes in a
WinY2k domain are almost certainly using Kerberos V.
That is not so.

?  Then what do they do.  winbind, etc..., only support NT4 domains. 
Turn off mixed-mode on the server, and what have your got - Kerberos V.

Please consider
this requested.  Evolution is the only app that I actually have to enter
a password (beyond gdm of course) to access stuff.
You wouldn't have to enter a password unless someone (a sysadmin?) made
that mandatory. 

I am the sys-admin.  So people should be able to access mailboxes
without authenticating to the mail server?

Having to enter a password does not mean anything else
than that you are required to authenticate yourself by any one of
several different means. 

Yea, that is the point.

If you have to enter a password in Evo, you'd
have to enter it in Mozilla or Outlook as well.

Don't know about mozilla.  But not in Outlook on WinY2k, or pine on
UNIX.  They support Kerberos V and perform ticket forwarding and
negotiation and I'm authenticated to the mail server with no password,
as I already authenticated to the KDC (when I logged in).  Kerberos V is
a single sign-on system.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]