Hello Kerberos World! I am trying to develop an application which can talk to a kerberized service running in a remote realm. I am aware that this would ideally require having trust (one way or two way) between my current realm and remote realm. Additionally, we want to avoid having trust as a requirement (the folks maintaining remote realm are quite 'possessive' about their realm). Thinking more about this, I stumbled on this premise which I want to validate through you the experts! What if my application can get two TGTs from both the realms and instead of getting a cross-realm TGS, it can use the respective TGTs to talk to respective realms? Am I overlooking something here? Is this a sane thing to do in Kerberos terms?
Regards, VR ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
