[3493] in Kerberos-V5-bugs
Re: [krbdev.mit.edu #1199] Local host login results in host ticket that expires in 5 minutes
daemon@ATHENA.MIT.EDU (kenh@cmf.nrl.navy.mil via RT)
Sun Sep 29 23:37:18 2002
Message-Id: <rt-1199-3095.9.40984786003312@krbdev.mit.edu>
In-Reply-To: <rt-1199@krbdev.mit.edu>
From: "kenh@cmf.nrl.navy.mil via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Sun, 29 Sep 2002 23:36:36 -0400 (EDT)
>It seems to me a bigger problem that the code doesn't deal with
>service tickets with shorter lifetime than the TGT.
I've never figured out what the "right" thing is here, since every
other time I've seen a service ticket with a shorter lifetime than
the TGT it's been a realm misconfiguration or cross-realm with
different lifetimes in different realms. In those two cases,
getting a new ticket from the KDC wouldn't help. Just my $0.02.
--Ken
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
