Reuse of GSSAPI Tokens
Nicolas.Williams at sun.com
Thu Jul 21 12:11:25 EDT 2005
On Thu, Jul 21, 2005 at 12:03:46PM -0400, Jiva DeVoe wrote:
> I'm not sure what this means.
> Is it possible to use the token twice? Or not?
> I mean, obviously, I could reuse the context itself... am just
> curious if kerberos defines that a token may not be used to establish
> more than one context.
Kerberos does that, yes.
> What is Replay caching?
There's a cache of AP-REQs that have been seen in the time skew window
(+- 5 minutes), and none are accepted that have been seen or which fall
outside the replay window.
More information about the krbdev