“It’s been a hectic week for the little security protocol
that could.”
“On Thursday, lawyers for Andover.Net, the parent company of the
Linux enthusiast site Slashdot, posted a response to a legal
challenge posed by Microsoft Corp. lawyers last week over Kerberos.
On the same day, the Massachusetts Institute of Technology
announced it was working with Apple Computer Inc. to insure
availability of Kerberos for the forthcoming Mac OS X operating
system. And to top it all off, CERT warned of a Kerberos buffer
overflow that could result in severe security problems for certain
implementations.”
“Microsoft was one of those vendors that opted to add Kerberos
Version 5 support to Windows 2000. Over the past two weeks,
however, Microsoft decided to go after Slashdot, in its role as
ISP, regarding a handful of postings that Microsoft claimed
violated the nondisclosure agreements it required as part of the
licensing terms for proprietary extensions it made to the Kerberos
protocol.”
“On Thursday, Slashdot lawyers responded to Microsoft’s request
to pull the offending posts in an open letter posted to the
Slashdot Web site. … The letter went on to comment on whether
Microsoft has a legal right to attempt to trademark and protect
proprietary extensions to a public protocol. Many Slashdot
protesters have focused on whether Microsoft’s demand that Slashdot
remove posts that allegedly violate a non-disclosure agreement is
an example of an abuse of the Digital Millennium Copyright
Act.”