[36456] in Kerberos
Fwd: How do the tickets remember the KDC?
daemon@ATHENA.MIT.EDU (Rick van Rein)
Fri Sep 12 15:07:46 2014
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Rick van Rein <rick@openfortress.nl>
Date: Fri, 12 Sep 2014 21:07:29 +0200
Message-Id: <6548593F-D552-478A-9D83-2091C6CCC597@openfortress.nl>
To: kerberos@mit.edu
Content-Type: text/plain; charset="windows-1252"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello Wendy,
> How do the tickets remember the KDC?
They don’t.
A ticket has a realm, which is looked up in your local kerberos configuration, or if you’re brave enough to trust DNS without DNSSEC in place, in there (after mapping the DNS name to a realmname). The same path reveals the choice between UDP and TCP (no SCTP possible AFAIK) and the port.
This is done when you first acquire your ticket, and it should be repeated later on.
I hope that’s what you were after.
-Rick
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
