[246] in Zephyr Mailing List
Re: Interrealm support issues
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Fri Jan 3 16:39:43 1997
To: John Gardiner Myers <jgm@CMU.EDU>
Cc: zephyr@MIT.EDU
From: Marc Horowitz <marc@cygnus.com>
Date: 03 Jan 1997 16:35:44 -0500
In-Reply-To: John Gardiner Myers's message of Fri, 3 Jan 1997 14:36:46 -0500 (EST)
John Gardiner Myers <jgm@CMU.EDU> writes:
>> With the server-server interrealm model, you don't need the kerberos
>> realm in the recipient field (or in the packet at all). Put
>> user.instance@zephyrrealm in the recipient field, authenticate and
>> send it to the local server, let the local server figure out from its
>> config which kerberos realm the remote zepyr realm is in and
>> reauthenticate it appropriately. Remote zephyr server then
>> reauthenticates it as being from snder.instance@senderzephyrrealm
This doesn't work for me today. In order to communicate with users at
athena, I need to be marc@CYGNUS.COM in athena's zephyr realm. How do
you propose making that work, including a credible migration path?
Marc
