DCE for the HP e3000 (B3821-90002)
General Information
Release Limitations
Chapter 1
20
Interoperability of the Domestic and International Versions
The Domestic and International versions are interoperable with one limitation,
Domestic-based application servers or clients that specify the privacy RPC data
protection level are not interoperable with servers or clients based on the International
version.
Neither the Domestic or International versions of DCE are interoperable with any DCE
version that have been built with the DES code omitted. Some DCE ports from other
vendors were built in this way in order to meet United Sates export requirements. If you
are running a DCE port from another vendor, check with that vendor for details.
Kerberos Authentication Protocol Compatibility
The DCE Security authentication service implements the Kerberos Version 5 Revision 5
protocol specification. Although Kerberos Version 5 includes backward compatibility
support for Kerberos Version 4, DCE Security does not implement this support.
Security for DCE User Accounts
A user’s DCE credentials are not automatically removed by exiting a shell or logging out.
Unless you plan to leave background processes running that require your DCE
credentials, you should manually remove your credentials before logging out by running
the kdestroy utility. This makes the system more secure by decreasing the opportunity
for someone to gain access to your network credentials.
If you do not use kdestroy, DCE credentials are retained in the directory
/opt/dcelocal/var/security/creds.To avoid unnecessarydisk spaceusage, inactive credentialfiles
should be periodically purged from this directory.