[2461] in Kerberos_V5_Development
Re: Password expiration via a preauth mechanism
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Wed Jul 30 14:56:43 1997
Date: Wed, 30 Jul 1997 14:55:00 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Cc: joda@pdc.kth.se, krbdev@MIT.EDU
In-Reply-To: Ken Hornstein's message of Wed, 30 Jul 1997 11:22:41 -0400,
<199707301522.LAA26170@ginger.cmf.nrl.navy.mil>
Date: Wed, 30 Jul 1997 11:22:41 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
>Excuse me, but isn't the last-req field supposed to be used for just
>this kind of information (modulo bad naming).
Hmph. I had forgotten all about that field. I guess the reason I didn't
use it was that it wasn't implemented at all in the KDC, and I didn't
feel comfortable implementing my own thing.
Worth redoing, you think?
Actually, if I remember correctly there's partial support for last-req
in the KDC, although it's for certain that we're not currently using it.
- Ted
