MS SPNEGO Replay Detection

Sam Hartman hartmans at MIT.EDU
Wed Mar 19 17:43:04 EST 2003

>>>>> "Nebergall," == Nebergall, Christopher <cneberg at> writes:

    Nebergall,> I've been testing SPNEGO tokens sent by Internet
    Nebergall,> Explorer and the token's internal Kerberos
    Nebergall,> gss_init_sec_context token sent by IE is occasionally
    Nebergall,> being seen as a replay by MIT Kerberos.  This normally
    Nebergall,> only occurs when I try to load a page in Apache with
    Nebergall,> several images and I frequently reload the page.

This is a known bug in the Microsoft implementation.

