[24250] in Kerberos
Re: Updating encryption types
daemon@ATHENA.MIT.EDU (Jeffrey Hutzelman)
Thu Jul 7 21:22:11 2005
Date: Thu, 07 Jul 2005 21:21:25 -0400
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Phil Dibowitz <phil@usc.edu>
Message-ID: <69BE70D2AC172185808D8980@sirius.fac.cs.cmu.edu>
In-Reply-To: <20050708011816.GD8907@usc.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
cc: Toan Nguyen <toan@usc.edu>
cc: Kevin Coffman <kwc@citi.umich.edu>
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
On Thursday, July 07, 2005 06:18:16 PM -0700 Phil Dibowitz <phil@usc.edu>
wrote:
> On Thu, Jul 07, 2005 at 09:03:36PM -0400, Jeffrey Hutzelman wrote:
>>
>>
>> On Thursday, July 07, 2005 05:46:18 PM -0700 Phil Dibowitz
>> <phil@usc.edu> wrote:
>>
>> > and the right tgt (based on Kerberos by Brian Tung), doesn't seem to be
>> > doing anything:
>> >
>> > krbtgt@ISD.USC.EDU
>>
>> This principal is meaningless, and is used for nothing.
>>
>> > and the mystery ticket is doing everything:
>> >
>> > krbtgt/ISD.USC.EDU@ISD.USC.EDU
>>
>> This principal is the local-realm ticket-granting service.
>>
>> In other words, it's working exactly like it's supposed to. It's
>> anyone's guess where the meaningless principal came from.
>
> So krbtgt@REALM is not what MIT krb uses as the TGT, it uses
> krbtgt/REALM@REALM - just a discrepency between the MIT implimentation
> and the Kerb book I have?
It's not what _anything_ uses, and so far as I can remember never has been.
If the book says that, then either it's a typo or Brian was asleep when he
wrote that part. :-)
-- Jeff
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
