[24620] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Question about kerberos

daemon@ATHENA.MIT.EDU (Ken Raeburn)
Fri Sep 9 16:00:50 2005

In-Reply-To: <DD8B8FEBBFAF9E488F63FF0F1A69EDD10174A376@ftrdmel1.rd.francetelecom.fr>
Mime-Version: 1.0 (Apple Message framework v734)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <E0F6F2D0-63B2-4185-BE7D-05DBB448B88E@mit.edu>
Content-Transfer-Encoding: 7bit
From: Ken Raeburn <raeburn@mit.edu>
Date: Fri, 9 Sep 2005 16:00:04 -0400
To: "SIRE Jean-Luc RD-CORE-ISS" <jeanluc.sire@francetelecom.com>
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu

On Sep 9, 2005, at 5:12, SIRE Jean-Luc RD-CORE-ISS wrote:
> I have a general question about kerberos :
>
> It concerns the KRB-AS-REP message where there is 2 encrypted parts :
> *    Part 1) One included in the ticket,
> *    Part 2) And another one in the "enc-part" of the message itself.
>
> I have understood that to crypt the second part it's used the client's
> key
> But when i read the RFC, it doesn't appear clearly which key is  
> used to
> crypt the part 1 (ie the ticket sent by the KDC to the client) ...

RFC 4120 section 5.3 describes the ticket structure and the  
encryption parameters used for protecting parts of it.

ken
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post