GSS-API routine for renewing credentials

Nicolas Williams Nicolas.Williams at sun.com
Wed Apr 18 18:16:23 EDT 2007


On Thu, Apr 19, 2007 at 12:10:12AM +0200, Robert wrote:
> I do have control over the protocol (That is, in one instance. Another 
> instance will
> probably make use of SASL). Thanks for your elaborate answer. It's much 
> appreciated.
> I 'll go and play around with it a bit.

Even if you're using SASL, if you have control over the application
protocol you may still be able to signal the peer to tear down the SASL
security layers and start over with new SASL authentication and security
layers.



More information about the Kerberos mailing list