JAVASEC - Using Java client with Windows 2003 AD with mixed case PrincipalNames
Douglas E. Engert
deengert at anl.gov
Wed Dec 1 17:48:19 EST 2004
Sam Hartman wrote:
> All these issues have been discussed on the ietf-krb-wg list although
> never quite in the same place.
>
> Java is wrong in how it handles preauth; the advice in my preauth
> draft would be a better approach.
I agree it is wrong. What I would like to see is the Java people
admit this and fix it and work in the krb-wg too.
>
> AD is stretching clarifications significantly in how it handles case
> of principal names. However it's much more usable than what other
> implementations do. There was a long and heated discussion between
> Martin Rex and people at Microsoft over this issue.
Some how I miss that point. Hopefully the explaination I put together
will get the Java people to do something about the preauth.
>
> --Sam
>
>
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list