On June 30, 2006 9:36:35 AM -0500 "Douglas E. Engert" <deengert at anl.gov> wrote: > (3) Another approach (I have not seen mods for this) is to have the KDC > send the pa-data to the OTP server to decrypt, and then the OTP server > updates its database and tells the KDC it was accepted. I've been planning on implementing this. -frank