Path: utzoo!utgpu!watserv1!watmath!att!linac!pacific.mps.ohio-state.edu!zaphod.mps.ohio-state.edu!usc!cs.utexas.edu!uunet!shelby!MIT.EDU!jtkohl
From: jtkohl@MIT.EDU (John T Kohl)
Newsgroups: comp.protocols.kerberos
Subject: Re: Storing tickets safely
Message-ID: <9103041436.AA10834@quicksilver>
Date: 4 Mar 91 14:36:55 GMT
Sender: news@shelby.stanford.edu (USENET News System)
Organization: Internet-USENET Gateway at Stanford University
Lines: 25

>I was hoping that the next release of Kerberos would in fact have some
>form of ticket caching that didn't depend on the file system.

If you are willing to code up such a beast when/after the beta-test is
ready, we would probably be willing to include it in our distribution.
We already have a commitment from elsewhere to do a shared-memory
credentials cache implementation, but if you were interested in a
different model, we would welcome help with it.

>Admittedly my
>users shouldn't ask for long-lived passwords, and I should enforce that.
>But then one of the biggest advantages of Kerberos goes away for my users.
>Namely, they won't be able to run batch jobs that may take many days to
>run before needing a password.

This is exactly the case that renewable tickets were intended for. The
idea is that you get a ticket with both a "local" and a "global"
expiration time. Before the "local" time arrives, you send the ticket to
the KDC for revalidation, and it sends back a replacement with an
adjusted "local" expiration time. If you discover a ticket theft, you
can instruct the KDC to refuse to replace that ticket when a renewal is
requested.

John
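The renewable-ticket scheme John describes, as an added example that is not part of the original post and not MIT Kerberos code: a small Python model in which `endtime` is the "local" expiration and `renew_till` the "global" one, a long batch job renews before each local expiry, and a ticket reported stolen is refused further renewal. The field names, the 8-hour per-renewal lifetime and the sample times are assumptions.

```python
# Added example (not the original post's or MIT Kerberos code): a model of
# the renewable-ticket scheme above. endtime is the "local" expiration,
# renew_till the "global" one. Field names, the 8-hour per-renewal lifetime
# and all sample times are assumptions made for this illustration.
from dataclasses import dataclass, replace

LIFETIME = 8 * 3600  # "local" lifetime granted per issue/renewal (assumed)

@dataclass(frozen=True)
class Ticket:
    ticket_id: int    # identity the KDC's refusal list keys on; kept across renewals
    principal: str
    endtime: int      # "local" expiration, seconds since epoch
    renew_till: int   # "global" expiration; never extended by renewal

class KDC:
    def __init__(self):
        self._next_id = 1
        self.refused = set()  # ids of tickets reported stolen

    def issue(self, principal, now, renew_till):
        tid, self._next_id = self._next_id, self._next_id + 1
        return Ticket(tid, principal, min(now + LIFETIME, renew_till), renew_till)

    def report_theft(self, ticket):
        """Operator reports a theft: this ticket must never be replaced."""
        self.refused.add(ticket.ticket_id)

    def renew(self, ticket, now):
        """Return the replacement ticket, or None when renewal is refused."""
        if ticket.ticket_id in self.refused:
            return None  # reported stolen
        if now >= ticket.endtime:
            return None  # "local" time already passed; user must re-authenticate
        if now >= ticket.renew_till:
            return None  # "global" lifetime exhausted
        return replace(ticket, endtime=min(now + LIFETIME, ticket.renew_till))

def run_batch_job(kdc, ticket, start, finish, step=3600):
    """Simulate a long job that renews one step before each local expiry.
    Returns the ticket held at the finish, or None if a renewal was refused."""
    now = start
    while now < finish:
        now += step
        if now >= ticket.endtime - step:
            ticket = kdc.renew(ticket, now)
            if ticket is None:
                return None
    return ticket
```

A 48-hour job under a 72-hour global lifetime keeps renewing and finishes with a valid ticket; an 80-hour job runs out at the global limit, and a ticket on the refusal list is never replaced, even via an earlier copy of the same ticket.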