Summary

The conference was very enjoyable and informative. I now feel that our systems are much more vulnerable than I thought. Many of the assumptions made by the security people at the conference were that most places had Firewalls to keep many of the "bad people" out. Given that we have none, and have such an untrusted community INSIDE, we are in trouble. Most people who advocate one-time passwords say, in the same breath, "If we could implement Kerberos, it would be good enough." Therefore, we are one step ahead of the game with kerberized clients already out there. We need to make sure that our common filesystem architecture seamlessly interfaces with kerberized authentication for logins.