>>>>> "Marcel" == Marcel Poul <[log in to unmask]> writes:
Marcel> Hi Sam, we wanted to use KDC via Freeradius to send TGTs (or
Marcel> other tickets) to the client (for SSO).
OK.
I'd like to better understand your problem statement.
In general it seems that the peer and AAA server already share a
credential. Kerberos might be an optimization, but I don't understand
how tickets help a delegation situation where the peer is involved since
the peer could just authenticate to the EAP server again.
So, I think I'm missing something about the approach and probably about
what problem you're working toward solving.
|