AFS and tokenforwarding

[Markus Friedl]

On Thu, Oct 04, 2001 at 10:34:58AM +0200, Bjoern Groenvall wrote:
> Don't think I ever said that. However, as I said in my letter one must
> be a bit careful with ownership management of the forwarded
> tickets. That should be simple to verify though.

currently, i agree with Dug Song that the token should not be accpeted
by the server before client and server have authenticated each other.

this is why token handling was moved from auth1.c to session.c
when Dug imported Kerb5 to OpenSSH.

-m