Connected: An Internet Encyclopedia
3.2.5. Receipt of KRB_AP_REP message

RFC 1510, 3. Message Exchanges, 3.2. The Client/Server Authentication Exchange

3.2.5. Receipt of KRB_AP_REP message

If a KRB_AP_REP message is returned, the client uses the session key from the credentials obtained for the server to decrypt the message, and verifies that the timestamp and microsecond fields match those in the Authenticator it sent to the server. If they match, then the client is assured that the server is genuine. (Note that the sub-session key is not used for encrypting the KRB_AP_REP message, even if one is present in the Authenticator.) The sequence number and subkey (if present) are retained for later use. See section A.12 for pseudocode.
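The client-side check described above, as an added example that is not part of RFC 1510 and is not the section A.12 pseudocode. It assumes a JSON body in place of the ASN.1 EncAPRepPart and a hash-based `seal`/`unseal` pair standing in for Kerberos encryption; `build_ap_rep`, `receive_ap_rep` and `APRepError` are hypothetical names.

```python
import hashlib, hmac, json
from dataclasses import dataclass
from typing import Optional, Tuple

class APRepError(Exception):
    """The KRB_AP_REP did not prove the server's identity."""

@dataclass
class Authenticator:            # only the fields this check needs
    ctime: int                  # client timestamp, seconds
    cusec: int                  # client timestamp, microseconds
    subkey: Optional[bytes] = None

def _stream(key: bytes, n: int) -> bytes:
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Assumption: stand-in for Kerberos encryption, not a real encryption type.
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, len(plaintext))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct

def unseal(key: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise APRepError("decrypt failed: wrong key or modified message")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, len(ct))))

def build_ap_rep(key, ctime, cusec, seq=None, subkey=None) -> bytes:
    # Server side, constructed for the demo; JSON replaces the ASN.1 encoding.
    part = {"ctime": ctime, "cusec": cusec, "seq-number": seq,
            "subkey": subkey.hex() if subkey else None}
    return seal(key, json.dumps(part).encode())

def receive_ap_rep(blob: bytes, session_key: bytes,
                   sent: Authenticator) -> Tuple[Optional[int], Optional[bytes]]:
    # Decrypt with the ticket session key, never with sent.subkey.
    part = json.loads(unseal(session_key, blob))
    # Both timestamp fields must echo the Authenticator the client sent.
    if (part["ctime"], part["cusec"]) != (sent.ctime, sent.cusec):
        raise APRepError("ctime/cusec do not match the Authenticator sent")
    subkey = bytes.fromhex(part["subkey"]) if part["subkey"] else None
    return part["seq-number"], subkey   # retained for later use
```

A reply sealed under the client's sub-session key, or one echoing a different `cusec`, raises `APRepError` rather than returning a sequence number and subkey.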

