The two obvious approaches seem to be Kerberos (widely used and
oriented towards providing security for client-server relationships)
and PEM (not as widely used yet, oriented towards providing protection
for MIME objects such as messages).

I'm attempting to put together a reasonably fair assessment of
potential advantages and problems for each of three different methods
for providing security:

- Kerberos
- PEM with symmetric cryptography only
- PEM with asymmetric cryptography

I'd appreciate hearing from anyone with some knowledge about the
application and implications about each of these approaches
(preferably something more than I can have, which consists of a casual
reading of the pertinent RFCs, drafts, FAQs, and the like) regarding
how readily the necessary support structure can be/is being put in
place, how important the various services each offers are, how
potentially extensible each is, and that kind of thing. If people
care, I can post the resulting document and let the flames begin. :-)
(For that matter, if someone knows a much better method that I didn't
know about, let me know about that too.)
-- Marc VanHeyningen [email protected] MIME, RIPEM & HTTP spoken here