[16487] in Kerberos_V5_Development
Re: X-CACHECONF in cache type 0504
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Nov 19 12:29:38 2010
From: Greg Hudson <ghudson@mit.edu>
To: Tim Alsop <Tim@cybersafe.com>
In-Reply-To: <C90C5FE0.27A3A%Tim.Alsop@CyberSafe.com>
Date: Fri, 19 Nov 2010 12:29:34 -0500
Message-ID: <1290187774.2633.1277.camel@ray>
Mime-Version: 1.0
Cc: "krbdev@MIT.EDU" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2010-11-19 at 12:14 -0500, Tim Alsop wrote:
> So, above looks normal. There is no padata seen suggesting that the KDC
> supports FAST, but when I look at the ticket cache I see:
The padata would be in a separate area called "encrypted
padata" (originally a Microsoft extension) which is part of the
encrypted part of the reply. Wireshark won't be able to see it unless
it has a keytab it can use to decrypt the reply, and even then it may or
may not know how to use encrypted padata. You may need to step through
the code to see what's going on.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
