NSIS-ka
A free C++ implementation of NSIS protocols

Changes between Version 4 and Version 5 of SessionAuthorizationObject


Ignore:
Timestamp:
Jun 22, 2010, 4:59:37 PM (7 years ago)
Author:
roehricht
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SessionAuthorizationObject

    v4 v5  
    1818
    1919 * The user requests a Ticket Granting Ticket (TGT) from the Ticket Granting Server (TGS), shown in step 1.
    20  * The user gets the answer back (step 2) and extracts the session key from the received ticket and uses it for the HMAC computation. The user sends the TGT as Session
    21 Authorization Object, together with the proposed extended Session Authorization Object as signature for the QoS NSLP message to the next signaling hop (step 3).
     20 * The user gets the answer back (step 2) and extracts the session key from the received ticket and uses it for the HMAC computation. The user sends the TGT as Session Authorization Object, together with the proposed extended Session Authorization Object as signature for the QoS NSLP message to the next signaling hop (step 3).
    2221 * The router extracts the TGT and the session key. It stores the session key under the key index that is specified in the extended Session Authorization Object (step 4). The key should have a validity that corresponds to the lifetime of the ticket, i.e., the key will expire automatically after some time. Furthermore, the key ID must also point to the user identity, so that a corresponding user profile can be fetched in order to perform (local) policy-based admission control.
    2322