On Wed, Sep 7, 2011 at 10:32 AM, Rafa Marin Lopez <[email protected]> wrote: > Are you suggesting the initiator sends the TGT and obtains several STs in > return from the KDC in a single exchange?
Yes. It'd be a nice round-trip optimization, no? A combination of AS and TGS exchange. Note that this does not prevent the AS and TGS from being logically separated since the AS could act as a proxy for the client in talking to the TGS. Nico -- _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
