support for KDC referrals in the MIT KRB5 code
Sam Hartman
hartmans at MIT.EDU
Wed Nov 29 14:04:57 EST 2006
>>>>> "JC" == JC Ferguson <jc at acopia.com> writes:
JC> Hi, what version of the MIT KRB5 library code has support for
JC> the KDC referrals internet draft, i.e.,
JC> http://ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-08.
JC> txt ? If it isn't supported yet, is it on a roadmap for
JC> future consideration?
Hi. MIt Kerberos 1.6 contains the client side of realm referals. It
can handle receiving a krbtgt principal from a KDC instead of a
service principal.
The code does not support a referral from one service principal to
another within a realm. Also, there is not KDC side support for this
code yet.
The 1.6 release is now in alpha test.
We would be delighted to work with any party that wanted to contribute
more referrals support. We are much more interested in supporting the
internet draft than the Windows 2000 behavior.
More information about the krbdev
mailing list