[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] RE: AuthenticationMethod / NameIdentifier andKerberos authentication
> The other case, where the actual authenticator is a password, is > represented already with the PasswordProtectedTransport class. > As I mentioned yesterday, I added an ExternalVerification attribute to > the PasswordType element, which can carry the Kerberos URN, specifying > that Kerberos was used as the "pre-authentication" method. Pre-auth isn't meant in that sense, it's how you do the real Kerberos dance to get a TGT, so it really needs to qualify the Kerberos-Protected-Transport case, I think. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]