About The Kerberos Consortium

We forsee a day when Kerberos-based authentication and authorization will be as ubiquitous as TCP/IP-based networking itself.

Massachusetts Institute of Technology

About - The MIT Kerberos Consortium

The Kerberos protocols invented and popularized by MIT have become fundamental building blocks of major desktop and server operating systems, core networking infrastructure, global file systems, global messaging systems, and much more. Even so, there still remains an enormous amount of work to be done.

While users need a secure single sign-on infrastructure that is ubiquitous, flexible, and unobtrusive, vendors and system administrators do not yet have the tools to provide it. Kerberos not only provides a single sign-on environment, but also has the potential to integrate other security frameworks (e.g., public key infrastructure) and password-less initial authentication mechanisms to form a complete solution that spans across federated realms.

After many years of developing Kerberos internally at MIT, it has become clear that the needs and requirements of the wider Kerberos community exceed the ability of MIT to fund future Kerberos development. The success of Kerberos has caused it to grow far beyond the original user community and the original scope of MIT's own Kerberos efforts. Although MIT could continue to fund Kerberos development at a level that would meet its own needs, a wide variety of issues that are important to operating system vendors, application vendors, and end customers lie beyond what the Institute could reasonably afford on its own. However, recognizing the important role Kerberos plays both at MIT and the larger user community, MIT is prepared to continue its investment if others will join in and support a larger effort. This effort will continue to operate at MIT as the MIT Kerberos Consortium.

The MIT Kerberos Consortium was founded in September 2007 to permit Kerberos to continue to grow and develop as a stable and universal "single sign-on" mechanism for the users of modern computer networks. The Consortium will provide a mechanism to permit greater industry participation in the funding and development of Kerberos, and thus allow it to evolve into the universal single sign-on mechanism users need but do not yet have.

The Consortium will perform software development and documentation activities necessary to achieve its goal of ubiquitous support for Kerberos-based single sign-on solutions across all aspects of the world’s communication infrastructure.

A primary objective of the Consortium is to implement the solutions it promotes in the form of open source reference implementations that can be used by Consortium members within their products and organizations without licensing fees.

For more details, please read the FAQ and the MIT Kerberos Consortium Agreement.