[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question to Kerberos/Multicast/RSVP

To: <rap@ops.ietf.org>
Subject: Question to Kerberos/Multicast/RSVP
From: "Hannes Tschofenig" <Hannes.Tschofenig@mchp.siemens.de>
Date: Fri, 29 Jun 2001 09:01:00 +0200
Delivery-date: Fri, 29 Jun 2001 00:02:27 -0700
Envelope-to: rap-data@psg.com
Reply-To: <Hannes.Tschofenig@mchp.siemens.de>

hi!

in section 7 of rfc 2474 the use of multicast with kerberos is described as
follows:

"In the multicast case all receivers of a multicast
   RSVP message MUST share a single key with the KDC (e.g. the receivers
   are in effect the same security principal with respect to Kerberos)."

is this an appropriate assumption since this requires that before starting a
multicast session
a new principal name must be created at the kdc and the information
(principal name and key) must be send to the
participating users (receivers). then the actual reservation can take place
to make use of the above mentioned single key.

the above mentioned procedure is required since it cannot be assumed that
two principals are the same security principal. additionally this creates
problems for accounting.

am i missing something?
how should the exact processing work?

ciao
hannes

Prev by Date: I-D ACTION:draft-ietf-rap-new-rsvp-ext-00.txt
Next by Date: Question about RFC 2752
Prev by thread: RE: Question about RFC 2752
Next by thread: RE: Question to Kerberos/Multicast/RSVP
Index(es):
- Date
- Thread