[37631] in Kerberos


RE: Kerberos and HTTP / HTTPS - Could Kerberos tickets be

daemon@ATHENA.MIT.EDU (Osipov, Michael)
Tue Aug 23 09:13:39 2016

From: "Osipov, Michael" <michael.osipov@siemens.com>
To: Simo Sorce <simo@redhat.com>, "Eichhorn, Thomas" <Thomas.Eichhorn@klinikum-nuernberg.de>
Date: Tue, 23 Aug 2016 13:13:17 +0000
Message-ID: <68644224DA0DE64CA5A49838ED219A0425B8DD0C@DEFTHW99EJ5MSX.ww902.siemens.net>
In-Reply-To: <1471956864.8163.11.camel@redhat.com>
Cc: "'kerberos@mit.edu'" <kerberos@mit.edu>


> And not just for the server, on the user side too as a lot of client
> applications do not even check if the reply from the server is genuine
> (completing the context establishment phase for mutual authentication)
> and just accept the 200 OK code as it comes

This is actually the most important point as Simo points out. As for client
libs: libcurl does not but libserf does fully establish the context.

Michael

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
