[16496] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: preserve original starttime on renewed TGTs

daemon@ATHENA.MIT.EDU (Simo Sorce)
Fri Nov 19 16:43:49 2010

Date: Fri, 19 Nov 2010 16:43:42 -0500
From: Simo Sorce <ssorce@redhat.com>
To: krbdev@mit.edu
Message-ID: <20101119164342.49d56360@willson.li.ssimo.org>
In-Reply-To: <58E560FCF404CF7725DFD266@dhcp-172-19-76-254.mtv.corp.google.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

On Fri, 19 Nov 2010 13:21:34 -0800
Frank Cusack <frank+krb@linetwo.net> wrote:

> When running 'kinit -R', the KDC resets the starttime on the returned
> TGT to "now".  I'd like to modify my KDC to preserve the original
> starttime instead.  That could make a renewed TGT appear to have
> longer than the normal maximum configured lifetime, but it seems like
> a fairly trivial non-problem.  As opposed to a postdated ticket, this
> would be now be a predated ticket.

Hi Frank,
I am curious to understand why you want to do that.
What class of use cases does it solve? 

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16496] in Kerberos_V5_Development

Re: preserve original starttime on renewed TGTs

daemon@ATHENA.MIT.EDU (Simo Sorce)Fri Nov 19 16:43:49 2010

daemon@ATHENA.MIT.EDU (Simo Sorce)
Fri Nov 19 16:43:49 2010