HP CM8000 Practical IPsec Deployment for Printing and Imaging Devices - Page 133

Kerberos Transactions

Get HP CM8000 - Color Multifunction Printer PDF manuals and user guides View all HP CM8000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 133 highlights

Figure 52 - Kerberos Transactions Here we can see that the Vista computer authenticates itself to the KDC's Authentication Server in Step 1. The response to a successful Authentication Server Request (AS-REQ) is an Authentication Server Response (AS-REP) that includes a Ticket Granting Ticket (TGT). Vista uses this TGT in the Step 2, this time communicating with the Ticket Granting Service (TGS) with a request (TGS-REQ) to get a service ticket for the application server. Vista includes an Authenticator with this message as well. The TGSREP from the TGS includes the application server ticket that Vista can now use to communicate with the application server as shown in Step 3. Let's look at each packet starting with the AS-REQ. Refer to Figure 53 - AS-REQ. 133

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
133
Figure 52 – Kerberos Transactions
Here we can see that the Vista computer authenticates itself to the KDC’s Authentication Server in Step
1.
The response to a successful Authentication Server Request (AS-REQ) is an Authentication Server
Response (AS-REP) that includes a Ticket Granting Ticket (TGT).
Vista uses this TGT in the Step 2, this
time communicating with the Ticket Granting Service (TGS) with a request (TGS-REQ) to get a service
ticket for the application server.
Vista includes an Authenticator with this message as well.
The TGS-
REP from the TGS includes the application server ticket that Vista can now use to communicate with
the application server as shown in Step 3.
Let’s look at each packet starting with the AS-REQ.
Refer to Figure 53 – AS-REQ.