Hello. I was wondering where is the specification for the original Kerberos Change Password protocol, as I could not find it so far. RFC 3244 only details the Windows extension, and for what I've seen of RFC 1510, there is no mention of how the Password change actually works. (or I've missed it somehow) Why does RFC 1510 refer to the password change service (example: "(The password-changing request must not be honored unless the requester can provide the old password (the user's current secret key)"), but not actually specify how it works, or refer to some other document that does?
I've searched a bit more and found these documents: http://tools.ietf.org/html/draft-ietf-krb-wg-kerberos-set-passwd-00 Are these the specifications? If so, why are these still drafts, whereas Kerberos is fairly old and mature? I'm not familiar with Kerberos history unfortunately, so I'm confused by this. Regards -- Bruno Medeiros ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
