Loadays 2011

Went to loadays, where I did a talk on "Single sign-on with Kerberos and LDAP". Or, at least, that was the intention—when I found out that there was going to be a tutorial on LDAP the next day, I decided to focus my talk mostly on kerberos, only lightly touching LDAP. As it turned out, that was a great decision—I could easily fill a whole hour on Kerberos, anyway, and though doing a kerberos setup without doing ldap too is fairly silly, doing it properly would have required more time than was assigned to me.

Instead, I managed to talk the audience through most of the important theory about kerberos (things like "what is a principal", "what is a ticket", etc), and did a live demo in which I configured a kerberos realm on a virtual machine, and then used SSH to connect—passwordless—to that machine from a second virtual machine on the same virtual network. While I would've loved to make it even better by throwing in a kerberized HTTP configuration, I couldn't do much more than just mention the fact that it can be done—as is the case for sasl-enabled protocols (imap, ldap, smtp, etc) and some other things.

The talk seems to have been a success with the audience, too; the room itself was full, nobody actually left (which usually is a good sign in and of itself), and I got only positive feedback from the people who were there; one person even went so far as to say that he considerd it the best talk he'd seen thus far, today. Which I think is pretty high praise, considering how my talk was in the penultimate time slot.

All in all, a good day.