[433] in Kerberos
Re: RPC et al
daemon@TELECOM.MIT.EDU (Mike Kazar)
Thu Jul 7 15:17:21 1988
From: Mike Kazar <kazar+@ANDREW.CMU.EDU>
To: kerberos@ATHENA.MIT.EDU, MILLER%erlang.DEC@DECWRL.DEC.COM
In-Reply-To: <8807062040.AA15522@decwrl.dec.com>
Steve Miller suggests:
It might be possible to tweek the code in a few places that set or read the
the ticket lifetime to change the effective units from 5minutes to some
larger value. This would not involve any protocol change. It wouldn't
interoperate properly with "vanilla" installations.
The biggest problem with this suggestion is that the ticket lifetime is
interpreted by the application server, and this server does not know how to
interpret the lifetime field.
For instance, if we build Andrew file system servers that interpret the
lifetime field in 4 hour units, instead of the standard 5 minute units, then a
standard MIT kerberos ticket will be interpreted "incorrectly" by an Andrew
file server here at CMU (if reached over NFSnet, say). In addition, folks at
MIT will have to modify Andrew file server releases to remove this lifetime
conversion factor on every release.
