{"draft":"draft-ietf-krb-wg-kerberos-referrals-15","doc_id":"RFC6806","title":"Kerberos Principal Name Canonicalization and Cross-Realm Referrals","authors":["S. Hartman, Ed.","K. Raeburn","L. Zhu"],"format":["ASCII","HTML"],"page_count":"19","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Kerberos WG","abstract":"This memo documents a method for a Kerberos Key Distribution Center\r\n(KDC) to respond to client requests for Kerberos tickets when the\r\nclient does not have detailed configuration information on the realms\r\nof users or services.  The KDC will handle requests for principals in\r\nother realms by returning either a referral error or a cross-realm\r\nTicket-Granting Ticket (TGT) to another realm on the referral path.\r\nThe clients will use this referral information to reach the realm of\r\nthe target principal and then receive the ticket.  This memo also\r\nprovides a mechanism for verifying that a request has not been\r\ntampered with in transit.  This memo updates RFC 4120.  [STANDARDS-TRACK]","pub_date":"November 2012","keywords":["authentication","security protocols","identity"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC4120"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6806","errata_url":null}