Kerberos VS. SESAME

B"H

JD, you got any resources for this SESAME bit? I did a bunch of online research but only find statements of facts about its advantages over Kerberos without much explanations behind those statements...? Also, as "limited" as Kerberos might be; I don't recall ever hearing about people "in the real world" using SESAME. Maybe the version of Kerberos being weighed against SESAME is long gone and they developed some new(er) version that no longer suffered from the limitations of previous versions...?

Thanks

Dovid

Find more posts tagged with

Comments

JDMurray

I think SESAME is mostly used in Europe and by countries that favor European standards. Microsoft went Kerberos for Windows a long time ago and that seems to have swayed the USA in the Kerberos (v5) direction too.

I don't see a write-up on SESAME in any of my InfoSec Management Handbooks. The best I can recommend is a Google search.

Chassidic1

Thanks JD. Yeah, I didn't find much there either and since have moved on to the Telecom/Networking chapter. I wanted to get some more background than Conrad's shorter overview on DNSSEC. I got to say, generally speaking, this fellow Mark Minassi (whose work I have studied before in the context of Microsoft books I read for work) is a pretty cool speaker. If you do a google search for "Mark Minass + DNS" or DNSSEC, or, yes, Kerberos, you can find these videos. They are pretty detailed about the process and he makes some funny (and unfortunately, also some inappropriate) jokes.

Best Regards,
Dovid