>As for the question on case-sensitivity, Kerberos principal names are
>case-sensitive. On
>MIT/Solaris/Linux KDCs one can create two separate account "alice" and
>"ALICE", but on Windows
>there can be only one account "alice". Windows KDC accounts are all
>lower-case, changing the
Windows acc
Douglas,
As per the Kerberos clarifications (draft-ietf-krb-wg-kerberos-clarifications-07.txt), if
pre-authentication is required, but was not present in the AS-REQ, an error message with
the code KDC_ERR_PREAUTH_REQUIRED is returned, and the e-data field of the KRB_ERROR
message will contain th
Sun's implementation of Java GSS/Kerberos currently supports
PA-ENC-TIMESTAMP as per RFC 1510. The new pre-authentication types
specified in the Kerberos clarifications provide additional
pre-authentication. Support for these new pre-authentication types
PA-ETYPE-INFO and PA-ETYPE-INFO2 will be
