Having understood a many authentication system I must say that Kerberos stands apart , for many good reasons and needless to state. One of the hindrance though is its direct applicability in WWW, though the MIT folks and a lot of Kerberos supporters are doing a good job to gap that up. One thing that that's worth a look is at Kerberos applicability to the Cloud,
and probably MIT consortium can hear from this and have a paper release over it. (unless I have not checked on the latest paper releases which covers it)
There are already customers out there who have their entire authentication systems Kerberos enabled. But to gain from the cost efficient model of Cloud computing, a lot of business would like to expand their business via it. So it becomes important on how practitioners can have their existing kerberized applications work seamlessly in a cloud environment. This springs out a lot many issues, thoughts as well as ways to achieve it. One of the challenges could be how can customer applications on a Public Cloud be enabled to use Kerberos authentication , where the customer KDC is within his/her intranet.
Is SaaS enabled KDC one of the solution to it ?
I think so, though there can be many solutions but they all need to be creased out by lot of us via blogs/articles/papers so that the practitioners can benefit.
I want to see Kerberos on Cloud Number 9 in the World of Clouds....well its the end user and businesses to benefit as it will derive a secure cloud environment to them