The MAC will check out only if the servers are using the same key. If the
servers regularly generate new keys (as is suggested in the
If there is no rnormative requirement that the MAC field actually contain
a MAC, how can we assume this? And if there is no algorithm indication,
how do we know how long the MAC field is?
Doesn't the key_version field also provide a hint
as to whether the ticket is something that you
If the key_version field was globally and temporally unique (for example,
if it included the server name + a counter) then it would provide that
information. But it's just a 32-bit integer. If servers start
at zero, the chance of collision will be qu ite high.
Ietf mailing list