[Cvsnt] Kerberos: gserver and SSPI

Francis Irving francis.irving at creaturelabs.com
Mon Apr 15 11:00:56 BST 2002


On Fri, 12 Apr 2002 13:59:34 -0500, Brian Smith
<brian-l-smith at uiowa.edu> wrote:

>> - Is there a user-level term for "SSPI"?  That seems to be more than
>> API that you use to talk to Windows.  Just describing it as "Windows
>> authentication (:sspi:)" might be reasonable.
>
>Sure. You might say "Windows Authentication (TCP/IP)" to distinguish it
>from "Windows Authentication (Named Pipes)".

OK, I'm just going to call them this for now:

"Windows authentication (:sspi:)"
"Windows authentication (:ntserver:)"

As it looks to me like SSPI is more likely to be more secure (using
Kerberos when both client and server support it), I assume that should
be listed first?

There doesn't seem to be a good way of indicating to a user which to
use and when.

>> - How does SSPI relate to :ntserver:?  Which is more secure, is
>> ntserver being deprecated?
>
>Tony would be better at answering these questions because I don't know
>anything about named pipes.

I'd be interested to hear Tony, as it will clarify how TortoiseCVS
should present these options.

Thanks Brian,

Francis
_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt



More information about the cvsnt mailing list