[19216] in Kerberos
RE: Apps aquiring tickets
daemon@ATHENA.MIT.EDU (Ben Cox)
Thu May 8 07:41:30 2003
From: Ben Cox <cox@spinnakernet.com>
To: Danilo Almeida <dalmeida@mit.edu>
In-Reply-To: <200305072116.h47LGKU8000355@melbourne-city-street.mit.edu>
Content-Type: text/plain
Message-Id: <1052394033.17867.10.camel@cox-pc.spinnakernet.com>
Mime-Version: 1.0
Date: 08 May 2003 07:40:33 -0400
Content-Transfer-Encoding: 7bit
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
On Wed, 2003-05-07 at 17:16, Danilo Almeida wrote:
> > I wonder how Windows deals with this.
>
> I think that Windows deals with this by having the user lock the machine and
> use ctrl-alt-del to unlock it. I am pretty sure that re-acquires tickets.
The user gets to choose (unless security policy prevents the user from
choosing) whether the machine will be locked when it goes to sleep. If
the user selects not to lock the machine when asleep, it will wake up
ready to go -- no password required.
Unfortunately, I think that Windows actually stores your long-term
secret in the volatile info associated with your login session, and it
may just use that when it needs to get new tickets on your behalf. But
I'm really just half-remembering at this point.
-- Ben
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
