I have a question on Kerberos Proxy and forward tickets.
Can a service holding a forwarded ticket get a proxy ticket for another service or a user?
My understanding of Kerberos 15 days old and I need your comments on this.
This is will be considered as a solution for a service called �Work on behalf� (Wb). This service should allow user B to work on A�s behalf. B would have access (on A�s behalf) to some services and not to other.
Proposed solution for this is that A tells Wb that B would login (latest by time T) and access services X Y and Z on behalf of him. A gets a forward-able ticket and forwards it to Wb, Wb would get a renewable ticket and keep on renewing it till B logs on, or till T. When B contacts Wb and let him know that he wants to work on A�s behalf, Wb would get B proxy tickets to services (X Y and Z).
Will this soultion work? If so what are the caveats here?
Thanks for your time and response,
Rohith K N
_________________________________________________________________
Find a partner. For life. http://www.shaadi.com/ptnr.php?ptnr=hmlql [EMAIL PROTECTED]
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
