2003 going from Kerberos to PKI?

[IceBall]

If you read the article on The Register it looks like Microsoft is changing from Kerberos to PKI in windows 2003. Is this true? How will it work?

http://www.theregister.co.uk/content/55/30581.html

From The Register:
"With the arrival of Windows Server 2003 we might be forgiven if we think that Kerberos, a "secure method for authenticating a request for a service in a computer network", is on its way out. After all, Microsoft have been seen as the principal torch bearer. What is clear in Server 2003 is that Microsoft are starting to push PKI as the way forward. Talk to Microsoft people and you might find an unusual ambivalence to Kerberos."

/IceBall



MCSE+I NT 4.0
MCSE w2k

 

[Seaspray0]

They may be pushing certificates, but they're not going to get rid of kerberos. If they do drop anything, it would be NTLM authentication but I doubt that as well. There are options to dissable NTLM even in 2000 but it would be stupid not to even offer it since NT and 9x require it. Certificates are nice, but they require extra management. The one thing I have seen them drop in XP was NETBEUI. If microsoft wishes to maintain compatability with Unix, they will be keeping kerberos.