Does anybody know: Enctype used to encrypt authenticator?

Tom_Krauss thomas.krauss at itserv.de
Fri Feb 8 04:09:22 EST 2013


Hi, 

I understood that a client sends two items in an AP-REQ to a service.
The service ticket and an authenticator.

The authenticator is encrypted with the session key known only to client and
server and it contains
a timestamp and principal of the client. So when the server decrypts the
authenticator with the session key provided to him by the ticket and finds a
good timestamp and the name of the principal matches the client he is happy
to serve.

What I do not understand is how the client chooses the enctype to use with
the session key to build the authenticator. 

How does he know to choose an enctype that is supported by the server?

Does anybody know this?

Thanks in advance and cheers 

Tom



--
View this message in context: http://kerberos.996246.n3.nabble.com/Does-anybody-know-Enctype-used-to-encrypt-authenticator-tp36370.html
Sent from the Kerberos - General mailing list archive at Nabble.com.


More information about the Kerberos mailing list