[2591] in Kerberos-V5-bugs
Re: pending/305: krb524: requests with multi-home machines and null-address creds
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Thu Dec 19 00:06:54 1996
Date: Thu, 19 Dec 1996 00:06:39 -0500
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: krb5-bugs@MIT.EDU, "Richard Basch" <basch@lehman.com>
Cc: gnats-admin@RT-11.MIT.EDU, krb5-prs@RT-11.MIT.EDU
In-Reply-To: Richard Basch's message of Wed, 18 Dec 1996 23:42:01 -0500,
<199612190442.XAA01322@rt-11.MIT.EDU>
For the record, the 1.0 release provides the maximum possible duration
for the V4 ticket lifetile. However, it didn't adjust the algorithm
used for calculating the lifetime in the V4 credential (i.e., the field
which is displayed to the user). So, for certain very long-lived
ticket, the klist display will be incorrect.
A similar bug (which is also present in your patch, Richard), is that
the algorithm in cnv_tkt_skey.c uses the CMU lifetime encoding hack,
whereas the code in conv_creds.c does not.