[38145] in Kerberos
Re: FW: Kerberos question/bug
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Dec 28 14:44:42 2017
To: William HARDY <whardy@pictet.com>, "'kerberos@mit.edu'" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <69f86a35-fb2c-05fe-bd7a-522c0766ad2c@mit.edu>
Date: Thu, 28 Dec 2017 14:44:19 -0500
MIME-Version: 1.0
In-Reply-To: <0WU6VYL1F092BR-01@mg01001.pictet.com>
Content-Type: text/plain; charset="windows-1252"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
On 12/28/2017 02:18 AM, William HARDY wrote:
> What is supposed to be in the TGS-REQ (Kerberos->tgs-req->req-body->sname->name-string->KerberosString: ? )
sname contains the server principal name. RFC 4120 describes the
protocol in detail.
> It seems that from the same machine (resolving on the same DNS servers), the contents of this field differs in a Wireshark capture depending on the application used event though the destination server is the same. What is supposed to be in “KerberosString” field ? What determines the content of this field ?
It is common for server principal names to have two components (two
KerberosStrings in the name-string sequence), where the first names the
application protocol and the second names the server host. So the first
component might be "host" (typically for ssh) or "ldap" or "HTTP", and
the second is the FQDN of the server host.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
