Is there any rationale in using SSL and Kerberos?  Let me explain before you
say no.
Let's say I have a service that you log into using SSL.
Since the public key and private keys are the same and the handshake is the
same (i.e. you know the first packets are for login/password), even though as a
sniffer of the packets I can't read them, I could still spoof the client's
encrypted packets and at least make the service think it has a valid client,
even though I still can read the packets (I can just fake the initial protocol
with the unreadable packets I sniffed).  Since Kerberos has a time-based
factor for the public key, an additional level of security exists while SSL
lacks this.

Thanks in advance for your help.

-Leland
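The replay scenario the post worries about, as an added example that is not part of the original message: a server that binds the login proof to a per-connection random nonce (the role the random values and the transcript-bound Finished MAC play in the TLS handshake) rejects a captured proof on any later connection, and a Kerberos-style timestamped authenticator is rejected by the clock-skew window and a replay cache. The shared key, user name and timestamps are constructed values for the demonstration.

```python
import hashlib
import hmac
import os

SHARED_KEY = b"constructed-demo-key"  # constructed sample secret, not from the post
SKEW_SECONDS = 300                    # Kerberos' default clock-skew tolerance is five minutes

def client_proof(key: bytes, freshness: bytes, user: bytes) -> bytes:
    """Client binds its login proof to the freshness value (nonce or timestamp)."""
    return hmac.new(key, freshness + b"|" + user, hashlib.sha256).digest()

class NonceServer:
    """TLS-style: a fresh random nonce per connection (the role of server_random)."""
    def __init__(self, key: bytes):
        self.key = key
    def new_connection(self) -> bytes:
        return os.urandom(32)
    def verify(self, nonce: bytes, user: bytes, proof: bytes) -> bool:
        return hmac.compare_digest(client_proof(self.key, nonce, user), proof)

class TimestampServer:
    """Kerberos-style: client stamps the time; server enforces skew window + replay cache."""
    def __init__(self, key: bytes, skew: int = SKEW_SECONDS):
        self.key, self.skew, self.seen = key, skew, set()
    def verify(self, now: int, ts: int, user: bytes, proof: bytes) -> bool:
        if abs(now - ts) > self.skew:        # too old or too far in the future
            return False
        if (user, ts, proof) in self.seen:   # exact replay inside the window
            return False
        if not hmac.compare_digest(client_proof(self.key, str(ts).encode(), user), proof):
            return False
        self.seen.add((user, ts, proof))
        return True

def nonce_demo(user: bytes = b"leland") -> tuple:
    """Returns (genuine login accepted, replayed proof on a new connection accepted)."""
    srv = NonceServer(SHARED_KEY)
    n1 = srv.new_connection()
    proof = client_proof(SHARED_KEY, n1, user)   # this is what a sniffer captures
    n2 = srv.new_connection()                    # attacker's own later connection
    return srv.verify(n1, user, proof), srv.verify(n2, user, proof)

def timestamp_demo(user: bytes = b"leland") -> tuple:
    """Returns (first use, replay 10 s later, replay an hour later)."""
    srv = TimestampServer(SHARED_KEY)
    now = 1_700_000_000
    proof = client_proof(SHARED_KEY, str(now).encode(), user)
    first = srv.verify(now, now, user, proof)
    replay = srv.verify(now + 10, now, user, proof)
    stale = srv.verify(now + 3600, now, user, proof)
    return first, replay, stale
```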
