Kerberos Plus RSA for World Wide Web Security
Don Davis, Consultant
We show how to use Kerberos to enable its clients to interact securely with non-Kerberized World Wide Web servers. That is, our protocol does not require that the Web server be a member of a Kerberos realm, and also does not rely on time-synchronization between the participants. In our protocol, the Kerberos client uses the Web server's public-key certificate to gain cryptographic credentials that conform to public-key authentication standards, and to SHTTP. The client does not perform any public-key encryptions. Further, the client is well-protected from a man-in-the-middle attack that weakens SSL. Our protocol conforms to the current specifications for the Kerberos protocol and for the Secure Hypertext Transfer Protocol.
author = {Don Davis},
title = {Kerberos Plus {RSA} for World Wide Web Security},
booktitle = {First USENIX Workshop on Electronic Commerce},
year = {1995},
address = {New York, NY},
url = {https://www.usenix.org/conference/first-usenix-workshop-electronic-commerce/kerberos-plus-rsa-world-wide-web-security},
publisher = {USENIX Association},
month = jul
}