[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Initial version of PKCROSS implementation
1 apr 2008 kl. 20.36 skrev Jeffrey Hutzelman:
>> Please note that a serious deployment is premature, because some
>> incompatible changes are expected in accordance with the progress of
>> standardization.
>> - The format of ticket extensions is tentative and will be changed.
>
> In fact, one of the reasons no serious work has been done on PKCROSS
> in some time is that it requires ticket extensions and the current
> Kerberos protocol does not have them. At this point, I think it is
> somewhat likely that the form of ticket extensions we end up with
> will be significantly different from what was envisioned when
> PKCROSS was being worked on.
What is used in the patch is was is discussed currently in the wg, use
EncryptedData as extention using a magic enctype.
Love