Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 1.30. What are proxiable tickets?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Business Photos and Profiles ]


Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 1.29. What are the advantages/disadvantages of Kerberos vs. SSL?
Next Document: 2. Administration questions
See reader questions & answers on this topic! - Help others by sharing your knowledge
As discussed in Question 1.26, Kerberos tickets contain the IP addresses of
hosts they are to be used on.

In addition to forwardable tickets, Kerberos 5 introduce the concept of
proxiable tickets. A proxiable ticket is a ticket (generally only a TGT)
that allows you to get a ticket for a service with IP addresses other than
the ones in the TGT.

This is different than forwardable tickets in that you cannot proxy a new
TGT from your current TGT; you can only proxy non-TGT service tickets. In
other words, forwardable tickets let you transfer your complete identity
(TGT) to another machine, where proxy tickets only let you transfer
particular tickets.

In general practice, proxiable tickets are not used that often.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 1.29. What are the advantages/disadvantages of Kerberos vs. SSL?
Next Document: 2. Administration questions

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>





Last Update March 27 2014 @ 02:11 PM