5.8. KRB_CRED Message Specification

5.8.1. KRB_CRED Definition

Message structure for credential forwarding:

• pvno - Protocol version number
• msg-type - Message type (KRB-CRED)
• tickets - Sequence of tickets being forwarded
• enc-part - Encrypted part

Encrypted Part (EncKrbCredPart)

Contains:

• ticket-info - Sequence of credential information
• nonce - Optional nonce
• timestamp - Optional timestamp
• usec - Optional microseconds
• s-address - Optional sender address
• r-address - Optional recipient address

Ticket Info Structure

For each ticket:

• key - Session key
• prealm, pname - Optional principal
• flags - Optional ticket flags
• authtime, starttime, endtime - Optional times
• renew-till - Optional renew time
• srealm, sname - Optional service info
• caddr - Optional addresses

Usage

Used for forwarding credentials between systems or storing credentials securely.

Reference

For complete specification, refer to RFC 4120 Section 5.8.