Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: [Fed-Talk] PKINIT and Kerberos

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] PKINIT and Kerberos

Subject: Re: [Fed-Talk] PKINIT and Kerberos
From: Brian Raymond <email@hidden>
Date: Tue, 15 Nov 2005 13:00:45 -0500
Thread-topic: [Fed-Talk] PKINIT and Kerberos

Title: Re: [Fed-Talk] PKINIT and Kerberos

I can’t comment on official support for PKINIT but I wanted to pass along some information in case it’s useful to you. There are a number of assumptions here that might not hold on OSX so don’t assume it will work without testing :).

OSX Supports the pam_krb5 module and it has patches available for PKINIT support. Support for accessing the card through Pam *should* supported (OpenSSL ENGINE), I state that because there is a PKCS#11 pam module which can do it. So if that works and the KDC you are hitting implements it (like MS AD, Heimdal) you should be able to leverage it to get tickets issued using your PKI cert.

- Brian

On 11/15/05 11:35 AM, "Nebergall, Christopher" <email@hidden> wrote:

http://tools.ietf.org/wg/krb-wg/draft-ietf-cat-kerberos-pk-init/draft-ietf-cat-kerberos-pk-init-29.txt

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Follow-Ups:
- Re: [Fed-Talk] PKINIT and Kerberos
  - From: "Timothy J. Miller" <email@hidden>

References:
	>[Fed-Talk] PKINIT and Kerberos (From: "Nebergall, Christopher" <email@hidden>)

Prev by Date: [Fed-Talk] PKINIT and Kerberos
Next by Date: Re: [Fed-Talk] PKINIT and Kerberos
Previous by thread: [Fed-Talk] PKINIT and Kerberos
Next by thread: Re: [Fed-Talk] PKINIT and Kerberos
Index(es):
- Date
- Thread