Note, for MIT I think we don't need the NonForwardableDelegation flag, just need to behave as enabled and let the plugin's get_principal() add 'TrustedToAuthForDelegation' if the list is empty. This could simplify the KDC code as we don't need to check the PAC's not-delegated flag, although some tests would need updating. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
- Query regarding S4U2Self protocol extension Vipul Mehta
- Re: Query regarding S4U2Self protocol extension Vipul Mehta
- Re: Query regarding S4U2Self protocol extension Greg Hudson
- Re: Query regarding S4U2Self protocol extension Isaac Boukris
- Re: Query regarding S4U2Self protocol extension Isaac Boukris
- Re: Query regarding S4U2Self protocol exten... Isaac Boukris
- Re: Query regarding S4U2Self protocol extension Vipul Mehta
- Re: Query regarding S4U2Self protocol extension Isaac Boukris
- Re: Query regarding S4U2Self protocol exten... Vipul Mehta
- Re: Query regarding S4U2Self protocol ... Isaac Boukris
- Re: Query regarding S4U2Self proto... Vipul Mehta
- Re: Query regarding S4U2Self p... Isaac Boukris
- Re: Query regarding S4U2Self p... Vipul Mehta
- Re: Query regarding S4U2Self p... Vipul Mehta
- Re: Query regarding S4U2Self p... Isaac Boukris
- Re: Query regarding S4U2Self p... Vipul Mehta
