RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 3182, "Identity Representation for RSVP", October 2001

Source of RFC: rap (ops)
See Also: RFC 3182 w/ inline errata

Errata ID: 2958
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Marco Molteni
Date Reported: 2011-09-07
Verifier Name: ron bonica
Date Verified: 2011-09-09

Section 6.3 says:

6.3 Authentication (Router/PDP)

[..]

   2. Verify user credential

[..]

      -  Kerberos: Send the Kerberos ticket to the KDC to obtain the
         session key.  Using the session key authenticate the user.

It should say:

Kerberos: Extract the session key from the ticket. Use the session key to authenticate the user.

Notes:

The corrected text is only an example. The most important point is that Kerberos doesn't require the server to contact the KDC, all the information is already in the kerberos authenticator and ticket sent by the client.

See this email exchange from 2001 :-) http://psg.com/lists/rap/rap.2001/msg00269.html where the same issue is raised by Hannes Tschofenig and confirmed by one of the RFC authors, R. Hess.

Report New Errata



Advanced Search