Kerberos does not assume clock synchronization.
Kerberos requires reasonable clock synchronization.
And, as near as I can tell, clock synchronization is not part of the
Kerberos protocol.
Kick me if I err in this.
Cutler
At 9/19/2007 08:14 AM -0400, Jeff McAdams wrote:
Stephen Sprunk wrote:
>> ... is it reasonable to assume clock synchronization in the
rest
>> of our design?
> In general, it is not. I can't think of any existing protocol
that
> does, actually.
Kerberos.
--
Jeff McAdams
"They that can give up essential liberty to obtain a
little temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin
-
James R. Cutler
james.cutler@consultant.com