> Releases 1.12 through 1.15
will not issue "trivially renewable tickets", where renewable endtime
doesn't exceed ticket endtime; instead it will issue a non-renewable
ticket. The forthcoming release 1.16 will go back to issuing trivially
renewable tickets.
I think this may answer
On 10/16/2017 12:28 PM, Hostetler,Alex wrote:
> Another thing that is different between the two versions is the lack of a
> renew until time on the klist above this kinit –R. It still has a renewable
> flag, which confused me a bit.
That is a known bug. The intent of the 1.12-1.15 KDC code was
On 10/16/2017 11:03 AM, Hostetler,Alex wrote:
> Here the ticket lifetime is 2 mins, renew time is 6 mins. We sleep for 140
> seconds and are still able to renew the ticket anyway. I believe this is a
> bug.
Because the client and KDC clocks might drift, the KDC applies a grace
period to ticket
