Tuesday, February 18, 2014

[kulorxrt] Personal Kerberos realms

Is the world made better by making it easy to set up a Kerberos realm for personal use?  (I don't know how difficult it is, now; maybe not so hard.)

The general idea is to segregate the many computing agents -- programs -- a person might have working for himself or herself, likely distributed across many different personal servers, limiting their privileges and restricting interaction between them.  This is very different from how Kerberos is typically deployed in an enterprise with many users: each user typically gets just 1 principal.  (The inspiration was imagining how different things might be if users could easily get many principals.)

We will likely want a shared filesystem that obeys Kerberos, most commonly AFS.

No comments :