[3492] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [krbdev.mit.edu #1199] Local host login results in host ticket that expires in 5 minutes

daemon@ATHENA.MIT.EDU (Ken Hornstein)
Sun Sep 29 23:37:16 2002

Message-Id: <200209300336.g8U3aPCj022282@ginger.cmf.nrl.navy.mil>
To: rt-comment@krbdev.mit.edu
cc: krb5-prs@mit.edu
In-reply-to: Your message of "Sun, 29 Sep 2002 15:27:05 EDT."
             <rt-1199-3094.7.92860146592787@krbdev.mit.edu> 
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Errors-To: krb5-bugs-admin@mit.edu
Date: Sun, 29 Sep 2002 23:36:25 -0400

>It seems to me a bigger problem that the code doesn't deal with
>service tickets with shorter lifetime than the TGT.

I've never figured out what the "right" thing is here, since every
other time I've seen a service ticket with a shorter lifetime than
the TGT it's been a realm misconfiguration or cross-realm with
different lifetimes in different realms.  In those two cases,
getting a new ticket from the KDC wouldn't help.  Just my $0.02.

--Ken
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3492] in Kerberos-V5-bugs

Re: [krbdev.mit.edu #1199] Local host login results in host ticket that expires in 5 minutes

daemon@ATHENA.MIT.EDU (Ken Hornstein)Sun Sep 29 23:37:16 2002

daemon@ATHENA.MIT.EDU (Ken Hornstein)
Sun Sep 29 23:37:16 2002