Re: [itac-list] ITAC / CISC / MicroNet Meeting from Michael Sinatra on 2006-11-08 (Micronet Mail Archive)

From: Michael Sinatra <michael_at_rancid.berkeley.edu>
Date: Wed, 08 Nov 2006 10:30:34 -0800

Michael Green wrote:
> Hello,
>
> I want to thank Patricia and Tessa, the co-chairs of ITAC, for hosting
> the joint meeting of ITAC, CISC, and MicroNet to discuss security
> infrastructure. It was great to see such a lively discussion; thanks to
> all of the members of the UCB technical community for the constructive
> debate around single sign-on and identity management.
>
> Based on the feedback from the meeting, here is my understanding of
> where we should go next:
>
> CalNet Directory Services / LDAP Infrastructure.
>
> Seems like things are going well and that we have fixed the major
> problems that we initially had with synchronizing core systems like
> PeopleSoft with LDAP. It looks like we still have the occasional
> problem with Ids in the old CalNet not being properly synchronized with
> the new CalNet infrastructure. We need to watch for these. We only
> know of a couple of occurrences, but this does not mean that we don't
> have a larger problem. If you see problems, let Rob and Lucas know.
> There is more information about how to get support here:
> https://calnet.berkeley.edu/developers/
>
> CalNet Authentication
>
> I did not hear any objections to our moving from the MIT KDC to the KDC
> in AD. Michael Sinatra had an interesting comment about physical
> security. What happens if someone steals one of the Active Directory
> machines that is providing KDC service? We need to do further
> investigation to make sure that userids and passphrases are properly
> encrypted.

I am preparing a longer list of concerns which I will be sending by the
end of the day today.

michael

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Wed Nov 08 2006 - 10:33:51 PST

This archive was generated by hypermail 2.2.0 : Wed Nov 08 2006 - 10:33:52 PST