[16568] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

opt-hardware-auth

daemon@ATHENA.MIT.EDU (Frank Cusack)
Wed Dec 29 16:03:29 2010

Date: Wed, 29 Dec 2010 13:03:04 -0800
From: Frank Cusack <frank+krb@linetwo.net>
To: "'krbdev@mit.edu'" <krbdev@mit.edu>
Message-ID: <503C607D90F64E0D981D5A72@dhcp-172-19-77-75.mtv.corp.google.com>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

Does MIT implement the OPT-HARDWARE-AUTH option?  (RFC 4120 2.9.3)

It doesn't seem so.  As it is just a boolean flag in the AS-REQ, is
there a way to set an arbitrary (unknown/no-keyword) option in the
client request?  Like how a dhcp client or server configuration can
just set arbitrary options that the client/server doesn't actually
understand the meaning of.  Obviously the KDC would have to know
what to do with it, but at least older clients wouldn't have to
be modified.
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16568] in Kerberos_V5_Development

opt-hardware-auth

daemon@ATHENA.MIT.EDU (Frank Cusack)Wed Dec 29 16:03:29 2010

daemon@ATHENA.MIT.EDU (Frank Cusack)
Wed Dec 29 16:03:29 2010