Linux Today: Linux News On Internet Time.

Jeremy Allison: Microsoft document kerberos PAC format - with a catch...

May 01, 2000, 20:18 (34 Talkback[s])
(Other stories by Jeremy Allison)

[ Linux Today reader Jeremy Allison writes: ]

"Check out the URL :


Essentially, Microsoft have documented the proprietary changes they made to Kerberos 5, but made the changes available in a self extracting executable.

Running this .exe gives this click-through license which you must agree to before extracting (NB. I did not agree and the extract terminates).

"b. The Specification is confidential information and a trade secret of Microsoft. Therefore, you may not disclose the Specification to anyone else (except as specifically allowed below), and you must take reasonable security precautions, at least as great as the precautions you take to protect your own confidential information, to keep the Specification confidential. If you are an entity, you may disclose the Specification to your full-time employees on a need to know basis, provided that you have executed appropriate written agreements with your employees sufficient to enable you to comply with the terms of this Agreement. You are also permitted to discuss the Specification with anyone else who has downloaded the Specification and agreed to these terms and conditions."

This is course is a very clever way to pretend to distribute the spec, whilst making it completely impossible to implement in Open Source kerberos servers. If you did of course the full weight of US anti-reverse engineering laws would descend upon you.

Well done Microsoft, seems the DOJ hasn't blunted your competitive edge at all :-) :-).


Jeremy Allison,
Samba Team."

Related Stories: