Difference between revisions of "Projects/IAKERB"
From K5Wiki
< Projects
(→Background) |
|||
| Line 7: | Line 7: | ||
Implement [http://tools.ietf.org/html/draft-zhu-ws-kerb-03 IAKERB]. |
Implement [http://tools.ietf.org/html/draft-zhu-ws-kerb-03 IAKERB]. |
||
| − | + | The implementation presently only supports AS-REQ IAKERB initiators, so an initiating client will need to be in the same realm as the service and will not get a TGT. (The code for acquiring a TGT is quite complicated.) Third-party IAKERB initiators can acquire TGTs, because the acceptor simply forwards the packets to the KDC. |
|
==Architecture== |
==Architecture== |
||
Revision as of 15:10, 15 November 2009
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.
Background
Implement IAKERB.
The implementation presently only supports AS-REQ IAKERB initiators, so an initiating client will need to be in the same realm as the service and will not get a TGT. (The code for acquiring a TGT is quite complicated.) Third-party IAKERB initiators can acquire TGTs, because the acceptor simply forwards the packets to the KDC.
Architecture
Implementation
libkrb5
GSS
Open issues
Status
Code is in the users/lhoward/iakerb branch.
