[krbdev.mit.edu #2027] Premature error 32 (tickets expired) in K4
Ron DiNapoli via RT
rt-comment at krbdev.mit.edu
Mon Mar 15 17:15:45 EST 2004
Sam--
When you get a chance, can you email me an explanation of what the
security issue is? You started to explain it a few months ago, but
when I raised a question regarding the difference between renewing a
ticket with 5 minutes left and one with 4 hours and 5 minutes left, you
stated you needed to think about it and would get back to me. The
email I just received is the first communication I've seen on the
subject since then, so I'd just like some clarification. I believe
I've kept up on watching the krbdev traffic, but, again, I haven't seen
this issues discussed any further.
Thanks,
--Ron D.
On Mar 15, 2004, at 3:26 PM, Sam Hartman via RT wrote:
> Per discussions on krbdev at mit.edu and kerberos at mit.edu, this is not a
> bug. The source code has been updated to make it clear that k4
> tickets need to end five minutes earlier and that not doing so is a
> security issue.
>
>
_________________________________________________________________
Ron DiNapoli
Programmer/Analyst, Lead
Cornell University, CIT/I&D
rd29 at cornell.edu
(607) 255-7605
More information about the krb5-bugs
mailing list