tags:

views:

411

answers:

1
+1  Q: 

Kerberos and T125 protocol

Why does Kerberos authentication use T125 protocol? I believe Kerberos authentication behaves this way:

  • Client asks for a ticket to the Kerberos authority
  • The Kerberos authority provides a Ticket to the client
  • The Client tries to authenticate towards a Server and sends to the server this Ticket.
  • The Server verifies the Ticket is OK with the Kerberos Authority, and authenticates the Client.

Now, where, in this process, is used T125 and why?
And does the Client send the Ticket any time it tries to access (e.g: for each HTTP GET page) to the Server and the Server checks this Ticket any time, or is it just once at the beginning of the "conversation"?

Thank you!

+2  A: 

Not familiar with T125, but your Kerberos flow is off a little.
Roughly:

  1. User authenticates to KDC (Kerberos authority)
  2. KDC grants user a TGT (ticket granting ticket)
  3. user tries to access server
  4. Server demands server ticket, sends user some info (to identify the server)
  5. user asks KDC for ticket for server, sends TGT and server info
  6. KDC issues server ticket to user
  7. User submits server ticket to user on every access.

I know I didnt directly answer your T125 question, but I hope this helped anyway.

AviD  2008-09-21 18:06:28
I did a little research and couldnt find anything t125 to do with Kerberos. Where did you get that bit from?
AviD  2008-09-21 19:34:41
While checking some traces I had T125 traffic that seems to be part of the Kerberos authentication... I'm not sure, though, and you're maybe right that Kerberos doesn't use it :-)
Layla  2008-09-21 21:05:51
Curious, did you figure out what the T125 was?
AviD  2008-09-23 15:45:07

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security