Steve Syfuhs

I recently did an overhaul of how the client instantiates the cache. Can you see if this repros for you anymore?

Nope. Hasn't really been any demand for this. .NET Standard 2.0 doesn't expose the ECC APIs so this requires doing everything through reflection similar to `Rfc2898DeriveBytes`: https://github.com/dotnet/Kerberos.NET/blob/develop/Kerberos.NET/Crypto/Pal/Rfc2898DeriveBytes.cs It can be...

PR's are accepted to get that working.

Awesome! The build process is somewhat of a pain to verify, but it should just be a matter of duplicating the kerberos.net lines in the build file and replacing the...

It does seem odd to issue a PAC without the logon info but with everything else. Unfortunately, when the AD KDC returns a generic error that tends to mean one...

I didn't think we were planning on putting that requirement on MIT trusts. Obviously, we'd prefer it if we could, but that's a major breaking change. ________________________________ From: Nico Williams...

Let me confirm what our specific requirements around that will be. This could still be an annoying thing to thread one way or another and I don't want to give...

We (Windows) considered this kind of attack a low severity issue. Amplification attacks in corporate networks just aren't a thing, and on top of that the amount of requests required...

Good news! Futurama.gif We are still serious about IAKerb. It's currently in a quantum superposition of both being in code and not in code because I'm an idiot and broke...

I don't have much skin in the heimdal game, so obviously my opinion is just that. HTTPS is the transport de rigueur for all things and any transport otherwise in...