Sequence numbering after export and import of context
Michael B Allen
ioplex at gmail.com
Sun Oct 5 12:09:09 EDT 2008
On Sun, Oct 5, 2008 at 7:51 AM, Markus Moeller <huaraz at moeller.plus.com> wrote:
> I have an application which initializes the security context in one process
> does some gss_wrap/gss_unwrap calls and then exports the context to hand it
> over to another process which imports the context and continues the
> gss_wrap/gss_unwrap. Would the second process restart sequencing at 0 or
> continuing from where the context was exported ?
I'm not even going to try to come up with a citation but common sense
would suggest that an imported GSS context must use the sequence
number of the exported context and must never reset the sequence
number to 0. I don't see how the peer could even know that the
sequence number was reset.
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
More information about the Kerberos
mailing list