OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] RE: AuthenticationMethod / NameIdentifier andKerberos authentication


> The other case, where the actual authenticator is a password, is
> represented already with the PasswordProtectedTransport class. 
> As I mentioned yesterday, I added an ExternalVerification attribute to
> the PasswordType element, which can carry the Kerberos URN, specifying
> that Kerberos was used as the "pre-authentication" method. 

Pre-auth isn't meant in that sense, it's how you do the real Kerberos dance
to get a TGT, so it really needs to qualify the Kerberos-Protected-Transport
case, I think.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]