[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: "Identity Representation for RSVP" question
The statement you high lighted from Section 6.3 is in error. Sending the
Kerberos ticket to the KDC is unnecessary to obtain the session key as the
ticket already contains the key. This will be fixed in the next draft.
From: Hannes Tschofenig [mailto:Hannes.Tschofenig@mchp.siemens.de]
Sent: Friday, June 29, 2001 3:01 AM
Subject: "Identity Representation for RSVP" question
in section 6.3. of <draft-ietf-rap-rsvp-better-identity-00.txt> the
verification procedure of the user credentials are explained:
"Kerberos: Send the Kerberos ticket to the KDC to obtain the session key.
Using the session key authenticate the user.".
why should the router/pdp send the ticket to the kdc?