Ticket 5338: Race conditions in key rotation
jaltman at secure-endpoints.com
Tue Jun 24 12:46:31 EDT 2008
Jeffrey Hutzelman wrote:
> The presumption here is that there _is_ a "master" which is "more
For MIT Kerberos the introduction of "master_kdc" says exactly that.
There is in fact
a master and that master is more definitive. That is how the clients
already work when
it comes to AS requests. Our proposal is to extend that behavior to TGS
If there is no defined master, then there is no master to fallback to.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20080624/03559274/attachment.bin
More information about the krbdev