[30214] in Kerberos
Re: Kerboros explain
daemon@ATHENA.MIT.EDU (beoweolf)
Tue Aug 12 13:14:45 2008
From: "beoweolf" <beoweolf@pacbell.net>
In-Reply-To: <mailman.44.1217865479.3905.kerberos@mit.edu>
MIME-Version: 1.0
Message-ID: <Dshok.16981$xZ.10899@nlpi070.nbdc.sbc.com>
X-Complaints-To: abuse@prodigy.net
Date: Tue, 12 Aug 2008 07:53:01 -0700
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Its a mater of "cost". Authentication of a server, service, any entity
requires system resources, it is expensive in time as well as cup cycles,
system memory, setup cost, etc.
a reasonable comparison is found in computational differences in sending
encryption. A lot of upfront effort is invested in protecting key
distribution, but once done the actual transmission of encrypted data can be
accomplished at greatly reduced "cost" based on preexisting session or
historical identity.
Renewing TGT/TGS is much faster than the initial setup.
"kisito" <momo_tene@yahoo.fr> wrote in message
news:mailman.44.1217865479.3905.kerberos@mit.edu...
>
> Hi
>
> In the operation of the Kerberos protocol, why Authentication Server ,
> when
> delivering the TGT, does not directly issued the service ticket? (so I do
> not see why have complicated the protocol by introducing the TGS)
> --
> View this message in context:
> http://www.nabble.com/Kerboros-explain-tp18787840p18787840.html
> Sent from the Kerberos - General mailing list archive at Nabble.com.
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
