Ticket File Cached in Memory?
Akos.Frohner at cern.ch
Thu Aug 27 09:47:26 EDT 2009
On Thu, 2009-08-27 14:42:29 +0200, Greg Hudson wrote:
> One way to protect the server from replays is to design the protocol so
> that the server sends a nonce to the client and requires the client to
> play it back (with stream protection, of course).
Unfortunately our protocol does not make use of stream protection,
just uses Kerberos as one of the GSS-API authentication methods.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4143 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20090827/de70afe6/attachment.bin
More information about the krbdev