Using Kerberos for authenticating the distribution of controlled substances, etc.

Jeffrey Altman jaltman at
Thu Jul 19 08:06:38 EDT 2007

Henry B. Hotz wrote:
> In the interest of not re-inventing wheels where possible: remember  
> the "initial" flag and its use with password changing.  From an  
> application standpoint is it sufficient to require "initial" service  
> tickets and enforce a short ticket lifetime (e.g. 5 min.)?  That  
> doesn't address client/UI issues, of course.

I don't know how we can make use of initial service tickets in
conjunction with GSS-API.

Nor do I know what the UI and API for generating the dialogs should look
like yet.   The requirement that individual authentications for multiple
users within the same application makes things very interesting.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the krbdev mailing list