[766] in Kerberos
Re: Proposal for long-lived revocable tickets.
daemon@TELECOM.MIT.EDU (Jerry Saltzer)
Fri Jul 21 15:22:21 1989
From: saltzer@SRC.DEC.COM (Jerry Saltzer)
To: chariot@ATHENA.MIT.EDU
Cc: kerberos@ATHENA.MIT.EDU, krb-protocol@ATHENA.MIT.EDU
In-Reply-To: Your message of Fri, 21 Jul 89 12:28:44 -0400
Mark says,
"(2) I see no reason to keep unrenewable tickets at all. Since
user's have no control over a site's maximum lifetime, they have no
choice but to always ask for renewable tickets if they want a minimum
(renewable) lifetime. This would remove the need for a RENEWABLE flag &
simplify the code."
I agree. Rather than having a flag on RENEWABILITY, can't you
just issue a ticket with FROM = now, and TILL = now+life? What
we really have here is an opportunity for a more flexible set of
site defaults. The first settable default is life, probably set
to the current 8 hours. The second settable default is the amount
by which TILL normally exceeds FROM. That could also be set
to 8 hours, or 24 hours, or whatever seems plausible for the site.
This proposal emphasizes the usefulness of a (prospective) ticket
management utility that keeps a little window in some corner showing
what tickets you have and how long they have to live. The same utility
would be responsible for waking up just before the deadline and
automatically renewing any renewable tickets.
Jerry
