logo_kerberos.gif

User:TomYu/KDC processing

From K5Wiki
< User:TomYu
Revision as of 19:46, 24 June 2013 by TomYu (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
  • Authenticate request content
    • PKINIT (AS)
    • PA-TGS-REQ (TGS)
    • FAST (AS or TGS)
  • Authenticate client
    • PA-ENC-TS (weak; AS)
    • PKINIT (AS)
    • SAM2 (AS)
    • PA-ENCRYPTED-CHALLENGE (AS)
    • PA-TGS-REQ (TGS)
    • S4U2Self (TGS)
    • S4U2Proxy (TGS)
  • Determine service principal
    • Hostname alias
    • Cross-realm service principal referral
    • Cross-realm TGS referral
    • User-to-user
  • Issue ticket
  • Encrypt reply
    • FAST (AS or TGS)
    • Long-term key (AS)
    • Session key (TGS)
Personal tools