[EMAIL PROTECTED] (Ken Hornstein) writes:
> > I've got a really dumb question: why aren't tickets
> > treated as public information? They're clearly snoopable
> > on the wire, so confidentiality shouldn't be assumed.
> > To my mind tickets are analogous to x.509 certs which
> > are, essentially, public information; the private/secret
> > key is what's important to keep secret.
>
> Tickets != credentials (he was talking about the credential cache).
> Included in the credential cache is the session key for the ticket, which
> is the information you really need to keep secret. Tickets aren't
> long-lived and aren't very much use without the session key, so they're
> generally treated as one unit.

Ah, that's a very different matter :-)

--
Michael Thomas ([EMAIL PROTECTED] http://www.mtcc.com/~mike/)
Multi-mode fiber with an optical splitter  |
B G P sessions conFIGGED not to litter     | My Fav'rite 'Net Things
Reverting from A T M back to I P           | by kc claffy, CAIDA
These are a few of my fav'rite `Net things |
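
The ticket/session-key distinction drawn in the exchange above, as an added example that is not part of either message: a simplified Python model in which a service accepts a ticket only together with an authenticator sealed under the session key. The `seal`/`unseal` helpers are a toy construction standing in for a real Kerberos encryption type, and all function names, the JSON encoding and the principal name are assumptions made for illustration.

```python
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); stands in for a real enctype.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, obj):
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or modified data")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def kdc_issue(client, service_key, lifetime=600):
    # The ticket is sealed under the service's key and carries the session key.
    session_key = os.urandom(32)
    ticket = seal(service_key, {"client": client, "skey": session_key.hex(),
                                "expires": time.time() + lifetime})
    return ticket, session_key  # the pair the client keeps in its credential cache

def make_authenticator(session_key, client):
    return seal(session_key, {"client": client, "ts": time.time()})

def service_accept(service_key, ticket, authenticator, max_skew=300):
    t = unseal(service_key, ticket)
    if t["expires"] < time.time():
        raise ValueError("ticket expired")
    a = unseal(bytes.fromhex(t["skey"]), authenticator)  # proves session-key possession
    if a["client"] != t["client"] or abs(time.time() - a["ts"]) > max_skew:
        raise ValueError("authenticator does not match ticket")
    return t["client"]

def demo():
    service_key = os.urandom(32)  # constructed sample key
    ticket, skey = kdc_issue("alice@EXAMPLE.COM", service_key)
    ok = service_accept(service_key, ticket, make_authenticator(skey, "alice@EXAMPLE.COM"))
    try:  # same ticket, but without the matching session key
        service_accept(service_key, ticket, make_authenticator(os.urandom(32), "alice@EXAMPLE.COM"))
        without_key = "accepted"
    except ValueError:
        without_key = "rejected"
    return ok, without_key
```

Calling `demo()` returns the accepted principal for the ticket plus session key, and `"rejected"` for the same ticket presented without it, which is why the credential cache rather than the ticket alone is what needs protecting.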
