[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed Agenda for SSTC Call (29 June 2010)
> The public review for Kerberos items closed with no comments received. > > Scott was looking at the Kerberos Attribute Profile, which had > already gone through public review, and he found two issues. First, > he couldn't find a schema, as there was nothing accompanying the > CD. If there is no schema, then this document can't proceed. > Thomas will look for the schema. I've attached the schema. I was certain that I had done this on submission, but it appears not :-( > Secondly, Scott has deployers who want to implement this. We're not > sure what the use cases with the APREQ are, but the customer demand > that Scott has is for passing actual Kerberos credentials in an > attribute, and he doesn't know how that is best done. By "credential", do we mean "ticket"? If so, that's the point of the AP_REQ message. The AP_REQ is the ticket + authenticator. josh.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]