Beware the asymmetry.

When considering schemes like this, please be on the lookout for new 
connectivity requirements. Consider an organization with a tightly guarded KDC 
on their intranet, to which all the employees authenticate. Outside their 
firewall is another KDC with "supplemental" external users and hosts. The 
normal connection pattern for employees would be to kinit inside the firewall, 
traverse a trust outside the firewall, and finally connect to the server.

The server outside the firewall cannot contact the KDC which manages the user 
principals.

Neither can the KDC which manages the public-facing, company-managed network.

Revocation schemes must account for situations where parties other than the 
authenticated user cannot contact the user's home KDC.

Bryce


________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos