5.6. KRB_SAFE Message Specification

5.6.1. KRB_SAFE Definition

Message structure for integrity-protected communication:

• pvno - Protocol version number
• msg-type - Message type (KRB-SAFE)
• safe-body - Message body
• cksum - Keyed checksum

Safe Body Structure

• user-data - Application data
• timestamp - Optional timestamp
• usec - Optional microseconds
• seq-number - Optional sequence number
• s-address - Sender address
• r-address - Optional recipient address

Security Properties

• Provides integrity protection via keyed checksum
• Does not provide confidentiality
• Timestamp and sequence number prevent replay

Reference

For complete specification, refer to RFC 4120 Section 5.6.