Hi. This is definitely a misuse of the [EMAIL PROTECTED] list; your question probably should have gone to [EMAIL PROTECTED] I'll direct replies there. However I want to point out a couple of things.
If you are just using Kerberos to secure network traffic without modifying existing applications take a look at RFC 4430. That's basically the protocol you are looking for between your two boxes. However, the solution you propose has some significant security problems. In brief, the problem is that you are having authentication going on at multpile levels: the Kerberos level with your box and the level presumably using weaker authentication in the application itself. There are a lot of tricky issues to consider when doing this. Take a look at http://tools.ietf.org/internet-drafts/draft-williams-on-channel-binding and http://tools.ietf.org/internet-drafts/draft-ietf-btns-prob-and-applic for descriptions of some of the issues. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
