>The TGS on the master KDC should be unable to decrypt the TGT that was >encrytped using a different (wrong) password.
The TGT is encrypted using the ticket granting service's long term key, not the user's. -- Luke -- ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
