[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: KRB5KRB_AP_ERR_MODIFIED during protocol transition

>>> I only seem to need Constrained Delegation,
> You are right, it should only need the Constrained Delegation bit.  
> I did not
> try it without the other options, so did not want to speculate.
>> however, but there is the  confusion
>> if its bit 14 or bit 16. bit 16 doesnt work, but bit 14 seems to be
>> claimed for anonymous support...
> Bit 14 defn works, I don't know what bit 16 is though. Newer  
> versions of
> wireshark (I am using (0.99.5) understands this bit and describes  
> it as
> 'Constrained Delegation'. I checked RFC 4120 and it does not  
> specify either.
> Can you point me to some document that discuss one over the other.

rfc1510 bis and ter seems to contain it


But I have no idea why it didn't make it to rfc4120

Also draft-ietf-krb-wg-anon-00.txt talks about anonymous.