MSFT KDC renew behaviour
Paul Moore
paul.moore at centrify.com
Mon Jan 9 12:11:19 EST 2006
I was assuming that this list was the repository of the correct
interpretation of RFC1510. Can you please direct me to which list is
-----Original Message-----
From: Sam Hartman [mailto:hartmans at mit.edu]
Sent: Monday, January 09, 2006 4:14 AM
To: Paul Moore
Cc: krbdev at MIT.EDU
Subject: Re: MSFT KDC renew behaviour
>>>>> "Paul" == Paul Moore <paul.moore at centrify.com> writes:
Paul> MSFT will renew a tgt and give it an end-time that goes
Paul> beyond the original ticket's renew-until time. The
Paul> renew-until time must not have passed - that works
Paul> correctly. But they will issue a new ticket with an end time
Paul> = to, say, Renew-until + 10 hours
This list is a development list for MIt Kerberos. Discussions of
whether Microsoft KDC behavior are correct or not are not on topic for
this list.
If you want to know what Microsoft does, talk to them. If you believe
it is incorrect, again, Microsoft is the only company in a position to
help you fix that.
If you're finding that MIT Kerberos deals poorly with the Microsoft
behavior, then by all means bring it up here.
If you find that the spec is unclear or have questions about the spec,
then please ask on the IETF list.
--Sam
More information about the krbdev
mailing list