However, in your example both Bob and Eve applications are backed by the same ticket registry. Without the same registry a ticket issued from Evil.eve.com wouldn't be found at all in Bobs.files.com ticket registry and therefore fail.
If all services backed by the same registry are "friends" is this still an security issue. I would like to add my appreciation for the time you have spend on this. Thanks again. Regards, Dom _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
