[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Initial version of PKCROSS implementation

1 apr 2008 kl. 20.36 skrev Jeffrey Hutzelman:

>> Please note that a serious deployment is premature, because some
>> incompatible changes are expected in accordance with the progress of
>> standardization.
>> - The format of ticket extensions is tentative and will be changed.
> In fact, one of the reasons no serious work has been done on PKCROSS  
> in some time is that it requires ticket extensions and the current  
> Kerberos protocol does not have them.  At this point, I think it is  
> somewhat likely that the form of ticket extensions we end up with  
> will be significantly different from what was envisioned when  
> PKCROSS was being worked on.

What is used in the patch is was is discussed currently in the wg, use  
EncryptedData as extention using a magic enctype.