[17528] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Kerberos 1.7 and later does not interoperate with AD Read-only DCs

daemon@ATHENA.MIT.EDU (Nico Williams)
Wed Feb 29 18:38:04 2012

MIME-Version: 1.0
In-Reply-To: <4F43DDFA.1020608@mit.edu>
Date: Wed, 29 Feb 2012 17:37:58 -0600
Message-ID: <CAK3OfOjwxxbufpto4msBTqZPNzS7zb8SXMbk9EC6hzbPLAjLSQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Greg Hudson <ghudson@mit.edu>
Cc: krbdev@mit.edu, abernstein@beyondtrust.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

How does this come up?  Via forwarded TGTs with these weird kvnos in
their enc-part's EncryptedData?

Also, we're not changing the definition for kvno anywhere else, correct?

Finally: do we have to make sure that kvnos for MIT principals never
get larger than 2^31 - 1?

Nico
--
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[17528] in Kerberos_V5_Development

Re: Kerberos 1.7 and later does not interoperate with AD Read-only DCs

daemon@ATHENA.MIT.EDU (Nico Williams)Wed Feb 29 18:38:04 2012

daemon@ATHENA.MIT.EDU (Nico Williams)
Wed Feb 29 18:38:04 2012