The Standard: Kerberos Loophole May Close Around Microsoft's NeckMay 21, 2000, 08:40 (4 Talkback[s])
(Other stories by Dominic Gates)
"As a legal wrangle develops over whether the Linux/open-source news Web site Slashdot.org can post messages containing what Microsoft (MSFT) calls a "trade secret," key members of the technical standards community have lost patience with the software giant's assertion of proprietary control over an open standard."
"At issue is a security protocol called Kerberos, a mechanism that enables secure identity authentication when users log on to a network. The version of Kerberos in Windows 2000 exploits a loophole in the Internet standard specification that was deliberately left open for customized versions."
"Upset that Microsoft has in essence driven a truck painted with the Windows logo straight through that opening, Clifford Neuman, the principal author of the original MIT version of Kerberos and current editor of the IETF's Kerberos standard document, is drafting a proposal to close the hole in the spec. The IETF is an international group that sets standards for the Internet."