Kerboros explain

beoweolf beoweolf at
Tue Aug 12 10:53:01 EDT 2008

Its a mater of "cost". Authentication of a server, service, any entity 
requires system resources, it is expensive in time as well as cup cycles, 
system memory, setup cost, etc.

a reasonable comparison is found in computational differences in sending 
encryption. A lot of upfront effort is invested in protecting key 
distribution, but once done the actual transmission of encrypted data can be 
accomplished at greatly reduced "cost" based on preexisting session or 
historical identity.

Renewing TGT/TGS is much faster than the initial setup.

"kisito" <momo_tene at> wrote in message 
news:mailman.44.1217865479.3905.kerberos at
> Hi
> In the operation of the Kerberos protocol, why Authentication Server , 
> when
> delivering the TGT, does not directly issued the service ticket? (so I do
> not see why have complicated the protocol by introducing the TGS)
> -- 
> View this message in context: 
> Sent from the Kerberos - General mailing list archive at

More information about the Kerberos mailing list