* Kerberos functionality?
@ 1997-01-22 17:09 John Twilley
1997-01-22 20:33 ` Rich Pieri
0 siblings, 1 reply; 7+ messages in thread
From: John Twilley @ 1997-01-22 17:09 UTC (permalink / raw)
I know that APOP's being added eventually to ways-to-read-mail.
WIll Kerberos ever be added? I know there was discussion of something
like this in the past, but I don't know the end result.
Jack.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-22 17:09 Kerberos functionality? John Twilley
@ 1997-01-22 20:33 ` Rich Pieri
1997-01-22 21:42 ` Michael Welsh Duggan
1997-01-22 22:52 ` Ken Raeburn
0 siblings, 2 replies; 7+ messages in thread
From: Rich Pieri @ 1997-01-22 20:33 UTC (permalink / raw)
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "JT" == John Twilley <jmt@NDA.COM> writes:
JT> WIll Kerberos ever be added?
If you are using a Kerberized movemail program, you have it. If you are
not, you should. Implementing Kerberos authentication in Emacs-Lisp is
probably unfeasable, and is a project I have no intention of tackling.
This is why, when I finally get around to rewriting the relevant section
of nnmail.el, I will be leaving in the capability of using an external
mail program.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBMuZ5oJ6VRH7BJMxHAQFJlgP/dmSNwSblULEdgF291uxmMY1RGG/NJxOO
JN3a+CwZh6HbAqtAq0rqeSoo+dd/ZlsyBsi7IvRkGR2SF1G8QZHlgR6taGo7gevn
9Gzj3cJAjqxCGx35LeGtTny/Cp251bvOxSyEijQPULKZdVMWgn9w1gCxpr8NXZw7
677oXTuYgAY=
=fkb4
-----END PGP SIGNATURE-----
--
Rich Pieri <rich.pieri@prescienttech.com> | Caution: Happy Fun Ball may
Prescient Technologies, Inc. | suddenly accelerate to dangerous
A Stone & Webster Company | speeds.
I speak for myself, not PTI or SWEC |
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-22 20:33 ` Rich Pieri
@ 1997-01-22 21:42 ` Michael Welsh Duggan
1997-01-22 22:51 ` William M. Perry
1997-01-23 0:30 ` Ken Raeburn
1997-01-22 22:52 ` Ken Raeburn
1 sibling, 2 replies; 7+ messages in thread
From: Michael Welsh Duggan @ 1997-01-22 21:42 UTC (permalink / raw)
Rich Pieri <rich.pieri@PrescientTech.com> writes:
> If you are using a Kerberized movemail program, you have it. If you are
> not, you should. Implementing Kerberos authentication in Emacs-Lisp is
> probably unfeasable, and is a project I have no intention of tackling.
Actually, high on my wish list is Kerberos for emacs, in the c-code,
with some functions to access it. (Maybe integrated into
open-network-stream.)
--
Michael Duggan
(md5i@schenley.com)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-22 21:42 ` Michael Welsh Duggan
@ 1997-01-22 22:51 ` William M. Perry
1997-01-23 0:30 ` Ken Raeburn
1 sibling, 0 replies; 7+ messages in thread
From: William M. Perry @ 1997-01-22 22:51 UTC (permalink / raw)
Cc: ding
Michael Welsh Duggan writes:
>Rich Pieri <rich.pieri@PrescientTech.com> writes:
>
>> If you are using a Kerberized movemail program, you have it. If you are
>> not, you should. Implementing Kerberos authentication in Emacs-Lisp is
>> probably unfeasable, and is a project I have no intention of tackling.
>
>Actually, high on my wish list is Kerberos for emacs, in the c-code,
>with some functions to access it. (Maybe integrated into
>open-network-stream.)
This wouldn't be too hard. I've had patches to do this for SSL in Emacs
for about a year now (using SSLeay of course), but haven't distributed them
for fear of jailtime. :) I'll have to whip them into shape next time I
have some spare time.
-Bill p.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-22 20:33 ` Rich Pieri
1997-01-22 21:42 ` Michael Welsh Duggan
@ 1997-01-22 22:52 ` Ken Raeburn
1 sibling, 0 replies; 7+ messages in thread
From: Ken Raeburn @ 1997-01-22 22:52 UTC (permalink / raw)
Rich Pieri <rich.pieri@PrescientTech.com> writes:
> >>>>> "JT" == John Twilley <jmt@NDA.COM> writes:
>
> JT> WIll Kerberos ever be added?
>
> If you are using a Kerberized movemail program, you have it. If you are
> not, you should. Implementing Kerberos authentication in Emacs-Lisp is
> probably unfeasable, and is a project I have no intention of tackling.
Probably not even possible, unless/until emacs gives you some way of
extracting both IP addresses of a net connection.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-22 21:42 ` Michael Welsh Duggan
1997-01-22 22:51 ` William M. Perry
@ 1997-01-23 0:30 ` Ken Raeburn
1997-01-23 15:02 ` William M. Perry
1 sibling, 1 reply; 7+ messages in thread
From: Ken Raeburn @ 1997-01-23 0:30 UTC (permalink / raw)
"Michael Welsh Duggan" <md5i@schenley.com> writes:
> Actually, high on my wish list is Kerberos for emacs, in the c-code,
> with some functions to access it. (Maybe integrated into
> open-network-stream.)
Go for it! But put plenty of thought into how interrupts should be
dealt with, blocking network i/o, that sort of thing.
I don't think integrating into open-network-stream is the best way,
though a lisp function that calls open-network-stream and then calls
krb-sendauth on the subprocess object would be very useful.
Of course, that still doesn't get us encryption....
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Kerberos functionality?
1997-01-23 0:30 ` Ken Raeburn
@ 1997-01-23 15:02 ` William M. Perry
0 siblings, 0 replies; 7+ messages in thread
From: William M. Perry @ 1997-01-23 15:02 UTC (permalink / raw)
Cc: ding
Ken Raeburn writes:
>"Michael Welsh Duggan" <md5i@schenley.com> writes:
>
>> Actually, high on my wish list is Kerberos for emacs, in the c-code,
>> with some functions to access it. (Maybe integrated into
>> open-network-stream.)
>
>Go for it! But put plenty of thought into how interrupts should be
>dealt with, blocking network i/o, that sort of thing.
>
>I don't think integrating into open-network-stream is the best way,
>though a lisp function that calls open-network-stream and then calls
>krb-sendauth on the subprocess object would be very useful.
>
>Of course, that still doesn't get us encryption....
the way I implemented SSL was you used a normal open-network-stream to
connecto to a host. Then there was a secondary call
'ssl-initialize-connection' that did all the SSL handshaking, etc, and
marked the process as 'sslified'. Then the read/write routines for
processes were modified to check the sslified bit, and use SSLread/SSLwrite
if it was set.
This turned out to be a great way to do it, because you could do all
sorts of things before the SSL connection was established - netscape-style
SSL proxying negotiation (which happens in the clear), still being able to
use telnet in a subprocess or the 'tcp' package from the old GNUS to get
outside your firewall, traversing a socks firewall, etc.
It has been a _long_ time since I really looked at kerberos, but I'm sure
something similar could be done. The real bitch was writing RSA
certificate manipulation functions that could be exported to the lisp
level. Bleah.
-Bill P.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~1997-01-23 15:02 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1997-01-22 17:09 Kerberos functionality? John Twilley
1997-01-22 20:33 ` Rich Pieri
1997-01-22 21:42 ` Michael Welsh Duggan
1997-01-22 22:51 ` William M. Perry
1997-01-23 0:30 ` Ken Raeburn
1997-01-23 15:02 ` William M. Perry
1997-01-22 22:52 ` Ken Raeburn
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).