Path: utzoo!attcan!uunet!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!decwrl!shelby!ATHENA.MIT.EDU!jtkohl
From: jtkohl@ATHENA.MIT.EDU (John T Kohl)
Newsgroups: comp.protocols.kerberos
Subject: Re: Distinguishing "users" and "services"
Message-ID: <8905091402.AA16269@LYCUS.MIT.EDU>
Date: 9 May 89 14:02:15 GMT
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 15

"providing direct service" is not a good way to describe what I meant.

What I meant was that if the flag were set for my principal (e.g.
joe.foo@realm), no other principal would be able to get a ticket _sealed
in joe.foo@realm's key_ authenticating him to joe.foo@realm.

This can be separated from the Davis/Swick proposal for presenting two
TGTs to the KDC, since in that case the key used for authenticating to
joe.foo@realm is the TGT session key, not the private key.

The intent here is to reduce the exposure of a user's password-based
private key (by using it for encryption) to as few messages as possible.
The intent is NOT to interfere with user-to-user authentication.

John