	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cosign and cyrus imap and IMP

To: "Brett Lomas" <b.lomas@xxxxxxxxxxxxxx>
Subject: Re: Cosign and cyrus imap and IMP
From: Wesley D Craig <wes@xxxxxxxxx>
Date: Sat, 13 Nov 2004 11:41:10 -0500
Cc: <cosign-discuss@xxxxxxxxx>
In-reply-to: <20041106235536.98F2333E6C@smtpc.itss.auckland.ac.nz>
References: <20041106235536.98F2333E6C@smtpc.itss.auckland.ac.nz>

At first I thought this was just not possible, but you might be able to leverage the "renew" mechanism. Phil's extra_addresses idea is very cool, I must say.

:wes

On 06 Nov 2004, at 18:48, Brett Lomas wrote:

Just wondering how you guys got it working ;) I notice the fowardable tickets. I was wonder if I might investigate the ability to do something like the following:
1. Keep the primary TGT on the cosign server(s).
2. On an authorized RETR request, generate a TGT for THAT host and send
that.
I am not sure if this is do-able or not, but I am thinking of investigating this a little, because this will mean someone who compromises the web server will only be able to become these users from that host, which is marginally safer.

References:
- RE: Cosign and cyrus imap and IMP
  - From: Brett Lomas

Prev by Date: RE: file not found error
Next by Date: Re: Cosign login on Mac 10.3.6 Server
Previous by thread: Re: Cosign and cyrus imap and IMP
Next by thread: Re: Cosign and cyrus imap and IMP
Index(es):
- Date
- Thread