default_tkt_enctypes and default_tgs_enctypes linkage?
Henry B. Hotz
hotz at jpl.nasa.gov
Fri Sep 9 15:17:57 EDT 2005
On Sep 8, 2005, at 4:50 PM, krbdev-request at mit.edu wrote:
> Is there ever a case in which someone can have >1 TGT for a particular
> TGS/KDC? If not, why would the default_tgs_enctypes be used to decide
> which TGT to use if there is only one?
A) You may have multiple tgt's with different enctypes. KfW does this
now, getting both a single-des tgt and a higher-strength one if
possible.
B) You may have a "native" tgt in one ccache, and a cross-realm tgt in
another ccache (at least on a Mac).
C) I'd think combinations of the above are possible.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the krbdev
mailing list