Marcel,
You may also wish to review the work already done by the University of
Murcia. It is not directly related to delegation, but they have done a lot
of integration of the MIT KDC with EAP and RADIUS that might be
instructive.
Josh.
On 28/07/2013 14:36, "Sam Hartman" <[log in to unmask]> wrote:
>>>>>> "Marcel" == Marcel Poul <[log in to unmask]> writes:
>
> Marcel> Hi Sam, we wanted to use KDC via Freeradius to send TGTs (or
> Marcel> other tickets) to the client (for SSO).
>
>OK.
>I'd like to better understand your problem statement.
>In general it seems that the peer and AAA server already share a
>credential. Kerberos might be an optimization, but I don't understand
>how tickets help a delegation situation where the peer is involved since
>the peer could just authenticate to the EAP server again.
>
>So, I think I'm missing something about the approach and probably about
>what problem you're working toward solving.
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
|