svn rev #23579: trunk/src/clients/kinit/
hartmans@MIT.EDU
hartmans at MIT.EDU
Mon Jan 4 14:59:03 EST 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23579
Commit By: hartmans
Log Message:
Fix documentation of armor cache based on fast negotiation project.
Changed Files:
U trunk/src/clients/kinit/kinit.M
Modified: trunk/src/clients/kinit/kinit.M
===================================================================
--- trunk/src/clients/kinit/kinit.M 2010-01-04 19:34:33 UTC (rev 23578)
+++ trunk/src/clients/kinit/kinit.M 2010-01-04 19:59:03 UTC (rev 23579)
@@ -140,9 +140,11 @@
.TP
\fB\-T\fP \fIarmor_ccache\fP
Specifies the name of a credential cache that already contains a
-ticket. This ccache will be used to armor the request. Ideally, an
-attacker should have to attack both the armor ticket and the key of
-the principal.
+ticket. If supported by the KDC, This ccache will be used to armor
+the request so that an attacker would have to know both the key of the
+armor ticket and the key of the principal used for authentication in
+order to attack the request. Armoring also makes sure that the
+response from the KDC is not modified in transit.
.TP
\fB\-c\fP \fIcache_name\fP
use
More information about the cvs-krb5
mailing list