[483] in Kerberos_Protocol


Re: Ticket extensions in Kerberos revisions

daemon@ATHENA.MIT.EDU (Nicolas Williams)
Thu May 4 12:26:33 2000

Date: Thu, 4 May 2000 12:22:18 -0400
From: Nicolas Williams <willian@ubsw.com>
To: cat-ietf@MIT.EDU, krb-protocol@MIT.EDU
Cc: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Message-Id: <20000504122216.C1094@sm2p1386swk.wdr.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <200005041547.LAA11924@ginger.cmf.nrl.navy.mil>

On Thu, 04 May 2000, Ken Hornstein <kenh@cmf.nrl.navy.mil> wrote:
> >> (It makes me wonder why the third-party app couldn't pass ticket +
> >> authenticator to a system service, where _he_ could verify it and give
> >> the appropriate privs to the third-party app).
> >
> >Because the third-party app has to have access to its service principal
> >key and so can forge tickets to itself.
> 
> So give only the system service access to the principal key (and I'm
> confused right now; according to Martin Rex, what I described _is_ the
> way it works.  Who's right?)

Ok, that'd work.

So what should be done with that ticket extension field in the draft?

I would still endorse a new standard along the lines of what MS did or
my other proposal. But I'm not convinced anymore that it's absolutely
necessary.

> --Ken


Nico
--

