> From: Brandon Allbery [mailto:allber...@gmail.com] > > You've made several assumptions about what is going on, and at least one is > incorrect. For starters, the KDC already *has* the user's password
You say that I'm incorrect, and then repeat what I said. Yes, the KDC has the password. That's what I said, and that's the point. The client sent the password to the KDC. Granted, it was in a previous session, but that's only marginally significant. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
