Auditing Feature in Kerberos

Henry B. Hotz hotz at
Mon Jan 23 19:03:29 EST 2006

What do you want to audit?

If you log the ticket life for each ticket issued then you can in  
principle determine who had the rights to access something at a given  
time.  I'm not sure there is any more information to be had at the  

On Jan 23, 2006, at 9:01 AM, krbdev-request at wrote:

> Message: 1
> Date: Mon, 23 Jan 2006 04:15:12 -0700
> From: "K.G. Gokulavasan" <kgokulavasan at>
> Subject: Auditing Feature in Kerberos
> To: <krbdev at>
> Message-ID: <43D50818020000F10000A116 at>
> Content-Type: text/plain; charset=US-ASCII
> Hi,
>   We are planning to implement auditing feature for kerberos. We would
> like to know whether anyone is already working on the auditing feature
> or any thoughts on how to go about it.
> Regards,
>  Gokul.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at, or hbhotz at

More information about the krbdev mailing list