"Christoph Riesenberger" <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> > Thanks, Tom. This means, Lowe's attack doesn't touch kerberos!? > 2 other questions: > Kerberos uses symmetric keys. How can it guarantee, that a message/ticket > was not altered (integrity)? Kerberos does not ensure message integrity (assuming you are referring to data in addition to the authentication ticket). However, the GSS API which is a part of MIT's KerberosV can be used to checksum (GSS_GetMIC()) or encrypt for privacy (GSS_Wrap()). > How does logout work? MIT's KerberosV has a command "kdestroy" to get rid of Ticket Granting Tickets. Certain Os implementations might choose to do the same on user logout. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
