Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!decwrl!shelby!ATHENA.MIT.EDU!swick
From: swick@ATHENA.MIT.EDU (Ralph R. Swick)
Newsgroups: comp.protocols.kerberos
Subject: Re: Distinguishing "users" and "services"
Message-ID: <8905091317.AA02761@THANATOS.MIT.EDU>
Date: 9 May 89 13:17:23 GMT
References: <8905081836.AA05625@LYCUS.MIT.EDU>
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 14

> I propose allocating a flag bit in the KDC database to indicate that the
> indicated principal is not allowed to provide direct service, i.e. the
> TGS will reject any requests to issue a ticket which the principal can decrypt.

Hmm. What does "provide direct service" really mean in the long run?
Does reading a mail message consisting of credentials and a body
encrypted in a session key constitute a "service"?

I suspect that a side-effect of this flag will be to increase the size
of the db substantially by forcing all users to have two instances; one
that provides "service" and correspondingly is denied service by others
(authorization again... :-) and one that doesn't.

Smells suspiciously similar to public/private key to me.
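A toy model of the flag being discussed, added here as an illustration and not code from the thread or from any Kerberos implementation: the flag name, the principal names and the keys are constructed for the example. It shows the TGS refusing a ticket whose target carries the flag, and the side effect the reply raises, namely that a flagged user needs a second, unflagged instance before anything (such as an encrypted mail message) can be addressed to them.

```python
"""Toy KDC database with a 'no direct service' flag (constructed example)."""
from dataclasses import dataclass, field

# Assumed flag bit for the example; not a real Kerberos database attribute.
NO_DIRECT_SERVICE = 0x01


@dataclass
class Principal:
    name: str            # e.g. "jdoe" or "jdoe/mail" (instance of the same user)
    key: bytes           # key shared with the KDC; constructed, not a real key
    flags: int = 0       # bitmask of policy flags such as NO_DIRECT_SERVICE


@dataclass
class KDC:
    db: dict = field(default_factory=dict)

    def add(self, p: Principal) -> None:
        self.db[p.name] = p

    def tgs_issue(self, client: str, target: str):
        """Model of the proposed TGS check.

        Returns (ok, reason).  A ticket would be encrypted in the target's
        key, so when the target carries NO_DIRECT_SERVICE the request is
        refused, whatever the client is.
        """
        if client not in self.db or target not in self.db:
            return False, "unknown principal"
        if self.db[target].flags & NO_DIRECT_SERVICE:
            return False, f"{target} may not provide direct service"
        return True, f"ticket for {target} issued to {client}"


def build_example_kdc() -> KDC:
    """Constructed sample database illustrating the doubling side effect."""
    kdc = KDC()
    # The user's ordinary principal: may obtain tickets but never be a target.
    kdc.add(Principal("jdoe", b"key-1", NO_DIRECT_SERVICE))
    # Second instance of the same user, unflagged, so mail encrypted to
    # credentials can still be addressed to jdoe.
    kdc.add(Principal("jdoe/mail", b"key-2"))
    # An ordinary service principal.
    kdc.add(Principal("rcmd.host1", b"key-3"))
    return kdc
```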