[16872] in Kerberos_V5_Development
Re: Authdata, preauth plugin headers
daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri Jun 10 13:13:46 2011
From: Sam Hartman <hartmans@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
Date: Fri, 10 Jun 2011 13:13:34 -0400
In-Reply-To: <1307719791.2281.152.camel@t410> (Greg Hudson's message of "Fri,
10 Jun 2011 11:29:51 -0400")
Message-ID: <tslpqmlvcch.fsf@mit.edu>
MIME-Version: 1.0
Cc: Linus Nordberg <linus@nordu.net>, "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
A KDC could store a handle into a database, a KDC could accept the
possibility of replays, a KDC could store state associated with a
session with an OTP server.
Forc this protocol accepting replays is probably a bad idea.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
