GSS-API and libkrb5 behavior for Anonymous tickets

Nicolas Williams Nicolas.Williams at
Tue Nov 3 14:13:55 EST 2009

On Tue, Nov 03, 2009 at 02:11:43PM -0500, Sam Hartman wrote:
>     Nicolas> The GSS-API very explicitly contemplates, and allows, for
>     Nicolas> security contexts with anonymous initiator and acceptor
>     Nicolas> names.
> Really?
> I was not aware that security contexts with anonymous acceptor names were permitted.
> Do you have a reference handy?

I mis-read RFC2743, section 1.2.5, page 25.  On second re-reading
RFC2743 is explicit only about initiator names as anonymous names.  But
even so, why would anonymous acceptor names not be permitted?


More information about the krbdev mailing list