Windows 2000 KDC interoperability

Alistair Mackay abm at
Tue Dec 10 19:35:00 EST 2002

> -----Original Message-----
> From: Sam Hartman [mailto:hartmans at]
> Sent: 10 December 2002 18:04
> To: abm at
> Cc: krbdev at
> Subject: Re: Windows 2000 KDC interoperability
> TCP has been implemented and will ship in Kerberos 1.3.  IT will be
> enabled on the client by default and can be enabled on the KDC.

That's good to hear

> If you ran into buffer issues with anything besides telnet we'd be
> interested.  Telnet is not really something we are putting much effort
> into right now and we're looking in the long run at having some
> external group maintain telnet and the r-cmds.

We did at the time test each app to breaking point by increasing the ticket
size and recording this, although I don't have those results to hand now.
Ultimately, any app that uses static buffers for receiving authentication
data will break when the ticket size exceeds the buffer size.

> I don't think we plan to implement code to disable the PAC.

Shouldn't be necessary as long as all apps take into account that ticket
data may be any size.

More information about the krbdev mailing list