Comparing SSL with other peer protocols like Kerberos, many issues come
Advantages of SSL over Kerberos:
1) It doesn't require an accessible trusted third party.
2) It can be used to establish a secure connection even when one end of
the connection doesn't have a "secret". As we know, client authentication
can be done with digital certificates or just a username and password.
It depends on how the server is implemented. That is why client authentication
1) If a Verisign certificate issued to a user is compromised and must
be revoked, how will all the servers with whom that user interacts know
that the certificate is no longer valid? Either revocation certificates
have to be circulated to all relevant servers and cached for a long time,
or servers have to verify incoming user certificates against a "revocation
2) If I'm issued a Verisign certificate, it has to live on my hard disk.
It may be encrypted there such that I have to unlock it with a password
before I can use it, but it's still on the hard disk and therefore vulnerable
to cracking attacks.
3) Implementing a new authentication technology for SSL will lead to new
versions of all my SSL-capable applications, which is a bit complicated
and time-consuming.
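The two revocation options in point 1, modelled as an added example that is not part of the original text. `Cert`, `PushedNotices`, `ListLookup` and the one-day `max_age` are hypothetical names and values; integers stand in for real certificates and clocks.

```python
from dataclasses import dataclass, field

@dataclass
class Cert:                 # constructed stand-in for an X.509 client certificate
    serial: int
    not_after: int          # expiry, in seconds on a shared clock

@dataclass
class PushedNotices:
    """Option 1: revocation notices are circulated to each server and cached."""
    revoked: dict = field(default_factory=dict)   # serial -> certificate expiry
    def receive(self, cert):
        self.revoked[cert.serial] = cert.not_after
    def prune(self, now):
        # Safe to drop a notice only after the certificate itself has expired.
        self.revoked = {s: e for s, e in self.revoked.items() if e > now}
    def accept(self, cert, now):
        return now < cert.not_after and cert.serial not in self.revoked

@dataclass
class ListLookup:
    """Option 2: the server checks a revocation list fetched from the issuer."""
    max_age: int
    serials: frozenset = frozenset()
    fetched_at: int = None
    def refresh(self, issuer_list, now):
        self.serials, self.fetched_at = frozenset(issuer_list), now
    def accept(self, cert, now):
        if self.fetched_at is None or now - self.fetched_at > self.max_age:
            return False    # fail closed: a stale list proves nothing
        return now < cert.not_after and cert.serial not in self.serials

def demo():
    day = 86400
    cert = Cert(serial=0x1001, not_after=365 * day)
    pushed, lookup, issuer_list = PushedNotices(), ListLookup(max_age=day), set()
    lookup.refresh(issuer_list, now=10 * day)
    issuer_list.add(cert.serial)   # revoked on day 10, just after the fetch
    pushed.receive(cert)
    out = {"window": lookup.accept(cert, 10 * day + 3600),  # list not yet refreshed
           "stale": lookup.accept(cert, 12 * day)}          # list older than max_age
    lookup.refresh(issuer_list, now=12 * day)
    out["refreshed"] = lookup.accept(cert, 12 * day + 1)
    pushed.prune(now=200 * day)
    out["pushed"] = pushed.accept(cert, 200 * day), len(pushed.revoked)
    pushed.prune(now=366 * day)
    out["after_expiry"] = len(pushed.revoked)
    return out
```

The `window` result shows the revoked certificate still being accepted until the server's next list refresh, and the pushed notice has to stay cached until the certificate's own expiry on day 365.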