[ Thanks to Karsten M.
Self for this link. ]
“Despite Microsoft’s request to Slashdot owner and ISP
Andover.net to remove postings containing technical details of its
proprietary extensions to Kerberos, the open source authentication
standard, they’re still up there.”
“A week ago, Microsoft made the details to the PAC extensions
(privilege attribute certificate) public but only in a form which
required users to consent to an End-User Licensing Agreement
(EULA), limiting disclosure. Microsoft is unique in the industry in
not releasing the source code to its Kerberos implementations.”
“The threat Microsoft perceives isn’t from Kerberos itself,
but from the progress achieved by the Samba developers. The latest
goal for Samba’s developers is to replace Windows servers as
Primary Domain Controllers capable of serving Windows 2000
clients. Equally, Microsoft wants to make its Windows servers
compulsory in a Kerberos environment where Windows 2000 clients are
involved, and it sees an opportunity to leverage that client
base.”