Requesting use of addresses in forwardable tickets
Ken Hornstein
kenh at cmf.nrl.navy.mil
Wed Sep 11 15:20:01 EDT 2002
>Well then, here is an (untested) mod to the KDC which should not
>add addresses if the original TGT did not have addresses:
Silly question: Wouldn't this be more appropriate as a client-side
modification? E.g., if the client TGT has no addresses, fwd_tgt becomes
almost a no-op (that would cut down one round-trip to the KDC, and that
would be a good thing IMHO). I'm just worried because I can think of a
few cases where I would want an addressless ticket to be forwarded to
a machine and _have_ addresses, and doing this on the KDC would completely
prohibit that.
--Ken
More information about the krbdev
mailing list