A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Kerberos ticket extensions
Author(s) : L. Astrand
Filename : draft-lha-krb-wg-ticket-extensions-02.txt
Pages : 17
Date : 2008-09-14
The Kerberos protocol does not allow ticket extensions. This make it
harder to deploy features like referrals and PKCROSS.
Since the Kerberos protocol did not specified extensibility for the
Ticket structure and the current implementations are aware of the
contents of tickets, the extension protocol cannot simply extend the
Ticket ASN.1 structure. Instead, the extension data needs to be
hidden inside the ticket.
This protocol defines two methods to add extend the tickets. The
first method requires updated clients and is more in line with the
future development of Kerberos. The second way does not require
update client. To take advantage of this protocol the server (KDC or
application server) need to update a well. The two methods are
equivalent and there is a 1-1 mapping between them.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-lha-krb-wg-ticket-extensions-02.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-lha-krb-wg-ticket-extensions-02.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt