[6871] in Kerberos
Re: kerberos network load
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Tue Mar 12 17:54:04 1996
Date: Tue, 12 Mar 96 17:41:10 EST
From: Barry Jaspan <bjaspan@bbnplanet.com>
To: Patrick Schramboeck <patty@utimaco.co.at>
Cc: kerberos@MIT.EDU
In-Reply-To: [6870]
Date: Tue, 12 Mar 1996 14:31:50 +0100
From: Patrick Schramboeck <patty@utimaco.co.at>
how many pakets needs to be exchanged between
a kerberos server (KDC) and a client to authenticate? (2 pakets?)
Yes, 2 packets.
And how many pakets are needed for contacting a file server?
( 2 pakets for the TGs and 2 pakets for the fileserver?)
Again, you are correct. The first time a client wants to contact a
service, it makes a round-trip to the TGS (2 packets, one each way).
Subsequent uses of the same service do not require communicating with
the TGS.
A client and server that wish to perform mutual authentication
exchange two packets. If the client only needs to authenticate to the
server, only one packet is exchanged.
Barry
