[16633] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: KDC query client performance

daemon@ATHENA.MIT.EDU (Nico)
Tue Feb 15 14:51:11 2011

Date: Tue, 15 Feb 2011 13:50:59 -0600
From: Nico <nico103@gmail.com>
To: Sam Hartman <hartmans@mit.edu>
Message-ID: <20110215195059.GB23393@kem>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <tslpqquvuds.fsf@mit.edu>
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

On Mon, Feb 14, 2011 at 10:39:27PM -0500, Sam Hartman wrote:
> Hmm, except how do you actually track if the KDC is up?

You send bogus KDC requests and expect a KRB-ERROR back.  The bogus
request should be such that the KDC will not spend any compute resources
on crypto and will send a KRB-ERROR back.  My guess is that the simplest
such bogosity would be to send a really old from/till time in the
KDC-REQ-BODY.

Nico
-- 
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16633] in Kerberos_V5_Development

Re: KDC query client performance

daemon@ATHENA.MIT.EDU (Nico)Tue Feb 15 14:51:11 2011

daemon@ATHENA.MIT.EDU (Nico)
Tue Feb 15 14:51:11 2011