need project review
Henry B. Hotz
hotz at jpl.nasa.gov
Tue Apr 8 15:11:54 EDT 2008
On Apr 8, 2008, at 6:26 AM, krbdev-request at mit.edu wrote:
> So the point is to store an mkey with the associated KNVO (this will
> come in handy in a follow on project to support updating the master
> key
> and migrating KDB entries). That > 1 mkey can be stored in a keytab
> is
> a secondary point however I'm wondering if this feature could be put
> to
> good use in regards to dealing with a corrupted K/M princ, perhaps
> allowing reconstruction of the princ using the keys in the keytab.
> Other than that I'm not sure what purpose keeping the older mkeys in
> the
> keytab would serve.
It would be nice if cross-realm keys could be imported/exchanged with
keytab files. A keytab import capability has other possible uses. ;-)
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the krbdev
mailing list