KRB_AP_REP question

matt rottyguy70 at yahoo.com
Thu Feb 19 17:11:38 EST 2004


greetings,

my understanding is that the KRB_AP_REP is returned by the host when
mutual authentication is requested by the client.  as part of the
client authenticator, it can choose to provide (among others)
checksum, seq_no, subkey.  however, in the KRB_AP_REP message, only
seq_no and subkey are returned (negotiated).  how come the host side
checksum is omitted?  what if the client wants to validate the
server's response payload?

thanks.


More information about the Kerberos mailing list