[24295] in Kerberos
Re: EAP-Kerberos
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Jul 14 16:24:25 2005
To: Thomas Otto <t.otto@sharevolution.de>
From: Sam Hartman <hartmans-ietf@mit.edu>
Date: Thu, 14 Jul 2005 16:23:18 -0400
In-Reply-To: <200507142214.11886.t.otto@sharevolution.de> (Thomas Otto's
message of "Thu, 14 Jul 2005 22:14:11 +0200")
Message-ID: <tslslyhnnm1.fsf@cz.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: cmh@netsteady.cc
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
In general you want to combine case 1 and case 2. So that if the user
has no ticket you get one, then you use that to get a ticket for the
accesspoint. You certainly never want to give the access point or EAP
server the password.
I'd recommend talking to Derek Atkins about your proposal.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
