[316] in Kerberos
Yet another addendum
daemon@TELECOM.MIT.EDU (Clifford Neuman)
Sat Jan 30 13:32:21 1988
From: bcn@JUNE.CS.WASHINGTON.EDU (Clifford Neuman)
To: Saltzer@ATHENA.MIT.EDU
Cc: kerberos@ATHENA.MIT.EDU
In-Reply-To: Jerome H. Saltzer's message of Sat, 30 Jan 88 11:57:00 EST <8801301657.AA14743@HERACLES.MIT.EDU>
The way flags get set can be analagous to the way the ticket lifetime is
set. Users can select a default. Those that want to overide the
default can then use a special option to rlogin or login. Most people
would have no need to do this, however.
The above combined with the ability for the user to optionally select
the lifetime of the ticket to be sent to the remote host will allow
just the amount of trust that is needed to be placed in that host.
The exact same mechanism could be used for proxies where either the
local application knows exactly what services will be accessed by a
remote service, or where it is willing to entrust the remote system
with a short lived and not further propogatable ticket granting
ticket.
~ Cliff
