Is it possible to use 5077 with a key wrapping key in a Needham-Schroeder scenario:
* A is a Key Server * C is say a web server * A has a relationship with C and hence A has key KEYac * B wants to talk to C but doesn’t have a relationship with C * B has a relationship with A * B asks A for a key it can use with C * A generates a KEYbc and wraps it with KEYac giving us KEYbcac with key_name KEYac Is it possible to construct a 5077 style ticket with KEYbcac that can be transparently unwrapped by C so that B can speak with C using KEYbc? By transparently, I mean without modification to the server C. Thanks, Karl
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
