Windows 2000 Kerberos Protocol Implementation

Microsoft has received many inquiries about Kerberos interoperability in Windows 2000. There has been a great deal of confusion in the press regarding the purpose of the Kerberos protocol and the version 5 specification, and this has resulted in inaccurate reports regarding the Kerberos implementation in Windows 2000. The following resources provide background information on the Kerberos implementation in Windows 2000, and show that it is not only compliant with the specification, but is fully interoperable with other standards-based implementations of the protocol.

Market Bulletin explaining the use of Kerberos in Windows 2000 -
http://www.microsoft.com/windows2000/techinfo/howitworks/security/kerbint.asp

Whitepaper on the use of Kerberos in Windows 2000 -
http://www.microsoft.com/windows2000/library/howitworks/security/kerberos.asp

Whitepaper detailing Kerberos interoperability in Windows 2000 -
http://www.microsoft.com/windows2000/library/howitworks/security/kerbint.asp

Recent press release explaining successful Kerberos interoperability at Morgan Stanley (between Windows 2000 Kerberos and CyberSafe Kerberos)
http://www.microsoft.com/PressPass/press/2000/Jan00/CyberSafePR.mspx

IETF specification - (page 46 spells out the optional auth-data field)
http://www.ietf.org/rfc/rfc1510.txt?number=1510


Top of pageTop of page