[6461] in Kerberos
No subject found in mail header
daemon@ATHENA.MIT.EDU (Joao Oliveira)
Tue Jan 9 10:39:47 1996
From: "Joao Oliveira" <jco@hplb.hpl.hp.com>
Date: Tue, 9 Jan 1996 15:27:52 +0000
To: kerberos@MIT.EDU
quote from athena original tech report on Kerberos:
'The authenticator section of tickets consist of, among other things, the
client's principal identifier, network addresses and the current time of the
day.'
Several questions can be asked :
Is host-level the maximum granularity on the origin of the requests?
Is there any way one could improve this like managing to tell the
server only to accept tickets sent from (host(s),port(s)) ? This would allow
to use kerberos as a way to ensure more than the host of origin.
If possible, is it by using some of the optional fields on the
KRB_AS_REQ message?
Where can I find the most up-to-date papers on Kerberos? I am reading an
expired draft.
joao
--
+ Joao Barreto Fernandes e-mail: jco@hplb.hpl.hp.com (research student) +
+ Intelligent Network Platform Department Hewlett Packard Laboratories +
+ http://www-incl/~jco (HP only) http://www.di.fc.ul.pt/~barreto (world) +
+ 'All points of view are my own and not necessarily HP's as well' +
