Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

MS provides Kerberos interop code

By konstant in News
Wed Jun 28, 2000 at 04:33:39 AM EST
Tags: Security (all tags)

Microsoft has published a document on its TechNet security site providing most of the information in the infamous CAB file plus sample code. There appears to be no onerous license this time. I wonder whether anyone will repent their comments about MS's intentions in releasing the earlier spec?


Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure


Related Links
o published a document
o Also by konstant

Display: Sort:
MS provides Kerberos interop code | 23 comments (13 topical, 10 editorial, 0 hidden)
Not I... (2.00 / 1) (#2)
by Alhazred on Tue Jun 27, 2000 at 04:56:19 PM EST

Just because they got themselves busted so hard for it that they relented doesn't mean they didn't try...

Perhaps their lawyers told them the deal wouldn't hold up, or maybe they were just stupid to begin with, who knows? I think personally that /. beat them. ;o)
That is not dead which may eternal lie And with strange aeons death itself may die.
From the MS website EULA (4.70 / 3) (#4)
by fluffy grue on Tue Jun 27, 2000 at 05:51:56 PM EST

NOTICE SPECIFIC TO DOCUMENTS AVAILABLE ON THIS WEBSITE. Permission to use Documents (such as white papers, press releases, datasheets and FAQs) from this server ("Server") is granted, provided that (1) the below copyright notice appears in all copies and that both the copyright notice and this permission notice appear, (2) use of such Documents from this Server is for informational and non-commercial or personal use only and will not be copied or posted on any network computer or broadcast in any media, and (3) no modifications of any Documents are made. Educational institutions ( specifically K-12, universities and state community colleges) may download and reproduce the Documents for distribution in the classroom. Distribution outside the classroom requires express written permission. Use for any other purpose is expressly prohibited by law, and may result in severe civil and criminal penalties. Violators will be prosecuted to the maximum extent possible.

Documents specified above do not include the design or layout of the Microsoft.com website or any other Microsoft owned, operated, licensed or controlled site. Elements of Microsoft websites are protected by trade dress, trademark, unfair competition, and other laws and may not be copied or imitated in whole or in part. No logo, graphic, sound or image from any Microsoft website may be copied or retransmitted unless expressly permitted by Microsoft.

I think the second paragraph can be interpreted to mean that it's got the same damned "trade secret" protections as it did the first time around, though cat '/proc/sys/fluffy grue' | s/lawyer/CS grad student/g/.
"Is not a quine" is not a quine.
I have a master's degree in science!

[ Hug Your Trikuare ]

Re: From the MS website EULA (none / 0) (#5)
by fluffy grue on Tue Jun 27, 2000 at 05:53:13 PM EST

Damn, shoulda hit preview. I meant, cat '/proc/sys/fluffy grue' | sed 's/lawyer/CS grad student/g'.
"Is not a quine" is not a quine.
I have a master's degree in science!

[ Hug Your Trikuare ]
[ Parent ]

Re: From the MS website EULA (4.50 / 2) (#6)
by iCEBaLM on Tue Jun 27, 2000 at 05:58:32 PM EST

No, this copyright only pertains to the actual documents and images themselves. If someone were to look at the document, look at the sample code, and reimpliment interoperable code in the MIT kerberos distribution without copying the code line by line, then there is nothing MS can do about it.

-- iCEBaLM

[ Parent ]
Both topical and editorial (1.50 / 2) (#9)
by Demona on Tue Jun 27, 2000 at 06:38:56 PM EST

Needs more writeup, but most especially in light of the fact that the /. lawsuit is far from resolved, as well as the larger issues surrounding the "embracing and extending" of Kerberos. If MS is really publishing the specs openly now, why don't they drop the /. suit, either quietly to attempt to avoid discussion or with great fanfare designed to make them look magnanimous?

Lawsuit?? (3.00 / 1) (#11)
by End on Tue Jun 27, 2000 at 07:09:21 PM EST

I was not aware that MS had actually sued slashdot - did this happen while I was on vacation?? All I knew was that MS had sent a c&d letter and slashdot had responded.

[ Parent ]

Re: Lawsuit?? (5.00 / 2) (#15)
by iCEBaLM on Tue Jun 27, 2000 at 07:31:49 PM EST

From my interest (in being one of the named commentors in the MS C&D letter) in talking with roblimo he conveyed to me that (at the time I talked to him, which was atleast 2 weeks after they sent their reply) they'd heard no more from MS.

-- iCEBaLM

[ Parent ]
Re: Lawsuit?? (none / 0) (#21)
by Demona on Wed Jun 28, 2000 at 02:04:14 PM EST

Yeah, that was my bad. "Sabre rattling", not a formal lawsuit. Still and all, every time these goddamn lawyers do something like this, they need to be called on the carpet for it ASAP; their stupidities and follies must be exposed to the light of day and held up for public ridicule, and torn to shreds the same way they've been tearing us new ones for so many centuries. "A little sunlight is the best disinfectant." (Holmes, I believe)

[ Parent ]
"Appears" to have no bad license? (2.00 / 1) (#17)
by jmcneill on Tue Jun 27, 2000 at 09:03:04 PM EST

I want to keep myself untainted just incase there _is_ a bad license tied to it. It'd be fun to hack in support for that into Samba. I'd consider myself a backup :D
``Of course it runs NetBSD.''
Open Standards (none / 0) (#18)
by Neuromancer on Wed Jun 28, 2000 at 08:06:54 AM EST

Well, M$ can't really expect to hijack an open protocol and get away with it can they? They can't possibly hope to take any ground in the already installed base of users using it if their software just plain doesn't work with kerberos, but has the same name on it.

Maybe it was Apple & MIT. (none / 0) (#19)
by johan on Wed Jun 28, 2000 at 10:42:47 AM EST

Supposedly, Apple and MIT are working together to put Kerberos into MacOS X. I haven't seen Apple explicitly attack Microsquish by comparing their Open Source snuggliness with Microsquish's abscence thereof. But i can imagine that perhaps a few people at Microsquish know they look a lot worse (if only to geeks) because Apple (as well as Sun) appear to be embracing Open Source and an unmodified V5 Kerberos protocol.

So in that regard, perhaps we have Apple (or the MacOS X team) to thank for the recent relaxation (however small) at Microsquish. Sometimes i wonder if Microsquish's managment isn't like China's government: despite appearances to the contrary, both are sensitive to external opinion, but they'd sooner eat glass than admit it.

This in mind, i don't think a slight warming at Microsquish indicates that they never had any intention of subverting the Kerberos V5 protocol standard. Microsquish has done that too many times for me to ignore or view as an accident. But perhaps various recent events have caused Microsquish to try to tread a more sensitively, though they wouldn't admit it.

(5.00 / 1) (#22)
by Pinball Wizard on Wed Jun 28, 2000 at 04:29:30 PM EST

>> I wonder whether anyone will repent their comments about MS's intentions in releasing the earlier spec

konstant, I don't exactly repent(I was justifiably pissed at Microsoft about the whole kerberos issue) but I am willing to go back on my decision to stop buying Microsoft products. I was one of the more vocal people on slashdot, if you'll recall the series of articles.

If Microsoft continues to support standards rather than the "embrace, extend, extinguish" policy they seem to have favored, I will be one happy camper. I happen to like certain Microsoft products, namely Windows 2000(have yet to seen it crash), and SQL Server(truly an awesome DB). It would have hurt considerably to dump this stuff, but I was prepared to do so nonetheless.

By the way, if you are the same konstant who appears on slashdot, you should identify yourself as an MS employee to the kuro5hin readers.

Note quite.... (none / 0) (#23)
by tytso on Wed Jun 28, 2000 at 10:24:09 PM EST

Actually, if you look at the TechWeb site, there isn't nearly enough information to create an interoperable implementation. There's a very high-level discussion about what's in a Kerberos AUTH_DATA field, but there are no bits-and-bytes descrption of what actually goes into that field.

MS provides Kerberos interop code | 23 comments (13 topical, 10 editorial, 0 hidden)
Display: Sort:


All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!