I'm offering the following patch to add a definition of a new PA data type PA_PAC_OPTIONS which is being used by Windows 10 and may also be used by Windows 7 and Windows 8.1. The definition comes from the latest version of MS-KILE which describes Microsoft's extensions to the Kerberos protocol.
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/PaDataType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/PaDataType.java index ecf5f95..17dbefc 100644 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/PaDataType.java +++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/PaDataType.java @@ -90,6 +90,7 @@ * PA-EPAK-AS-REP 146 ([email protected]) [RFC6113] * PA_PKINIT_KX 147 [RFC6112] * PA_PKU2U_NAME 148 [PKU2U] + * PA_PAC_OPTIONS 167 [Microsoft MS-KILE] * </pre> * * @@ -162,7 +163,8 @@ PKINIT_KX (147), // RFC 6112 : PKINIT Client Contribution to the Ticket Session Key TOKEN_REQUEST (148), // [PKU2U] ENCPADATA_REQ_ENC_PA_REP (149), // RFC 6806 : Negotiation of FAST and Detecting Modified Requests - TOKEN_CHALLENGE (149); // ??? + TOKEN_CHALLENGE (149), // ??? + PAC_OPTIONS (167); // Microsoft MS-KILE /** The inner value */ private final int value; -- Richard M Feezel [email protected]
