[27869] in Kerberos
Re: Use ssh key to acquire TGT?
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Sat Jun 2 22:16:19 2007
Message-Id: <200706030215.l532FXWJ007223@ginger.cmf.nrl.navy.mil>
To: kerberos@mit.edu
In-Reply-To: <x37iqn8vj0.fsf@nowhere.com>
Date: Sat, 02 Jun 2007 22:15:34 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>How many of those keys belong to administratively independent
>organizations (ie if your home realm is part of .mil, how many of
>those keys are for civilian organizations?)
There are a few ones that are ambiguous, but the highest number of .mil
related cross-realm keys are 12, which leaves 8 that are non-related.
>I'll readily concede that
>.mil and .gov are two situations where cross-realm works extremely
>well.
You'd _think_ that ... but all of those .mil ones are a giant pain
in the ass (they need to be rekeyed every so often for one). The
other ones were all sort of, "Hey, we're here now, we should exchange
cross-realm keys". Between two military organizations that would
rarely happen.
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
