X-MS-Exchange-Crosstenant-Authas: Anonymous X-Microsoft-Antispam-PRVS: User-Agent: Evolution 3.36.5 (3.36.5-1.fc32) Sender: krb5-bugs-incoming-bounces@PCH.mit.edu X-Mailman-Version: 2.1.6 X-Microsoft-Antispam-Message-Info: 4o6LllTjQQuUg1sMPZtaAxJRSvDRF2dZCFBDo+LkBq68uQtob7tI+stjlT3J4i0/fc9P8VKRWzs77G9491Fc9iTuUPdfLx02WvIDkTz1RGkun++vTUy/IxwBi6QzrNE6y3OyL6hNgDEBQwbGz8pl5n3VuS/+UZMXburXGyZATVVM3rSrkhYuDXw69IhIPNoaV0cBY6yP5hSs+IoY4j4JstYyjRWKGDlKpdWF2uAt1BRn2nrFdk7W6KDAG6ptisyGTBBbz68u6fJkbAAHAEr/2EY2qtwcxTfiz/pdRbgoS6BOilyFLCY+sJCGDtSAlxkukyARJD0vGsikEGcb9ywlDoWKpfIDJe6fZ18qyI2RwWI6aff3G55N3qdvt91VhTE7jXXvNo559ACiIqgarJ6vOTuRGaYPYu1SK1xbyRRQuVsBrVIDAsRxCP3vP7JvbaOx X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr X-Eopattributedmessage: 0 From krb5-bugs-incoming-bounces@PCH.mit.edu Wed Sep 16 18:11:47 2020 Return-Path: X-RT-Incoming-Encryption: Not encrypted X-MS-Exchange-Atpmessageproperties: SA X-Originatororg: mitprod.onmicrosoft.com X-MS-Exchange-Senderadcheck: 0 Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu Date: Wed, 09 Sep 2020 11:00:15 +0300 Precedence: list Arc-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jA+W3IxJpuohPA4wMcKY1dzgOUC65w1nugNhrQHU/4w=; b=DStxOUyCnkI6Z806fDSAEH4NTmSvbnHhcwjDC6HywIOGUSSjE6PEz2fgMN0ZppAYXfOXP1vAQCJ/PmFq8cyTgt+I30Lr2ccTW4ZrlDEvD5tO8LY85b9tySQYBbNDwRFeGRDTHTo6B2FDLMxHIFBSWR2IVnwWyFKsdjuCbB1bjEm3Doe7YxKNRD13A4f5alR6Bc6MonrqAUNL524RWX4J+wqftDWehbr9zrJksRhz38DmOg9ttV6UHXnbVVIdQTZUhl3mwC3Yix/ALgzTdpKHZRcFaWriemyTM3LG8DADGy30cPBF1zyKmjoHvgPKuC4qkT92K3BE+NZ+Zudw3DXJhA== X-MS-Exchange-Crosstenant-ID: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b X-MS-Publictraffictype: Email Received: from PCH.mit.edu (PCH.MIT.EDU [18.7.21.50]) by krbdev.mit.edu (Postfix) with ESMTPS id 6E65540016; Wed, 16 Sep 2020 18:11:47 -0400 (EDT) Received: from PCH.MIT.EDU (localhost.localdomain [127.0.0.1]) by PCH.mit.edu (8.14.7/8.12.8) with ESMTP id 08GMBlPe019094; Wed, 16 Sep 2020 18:11:47 -0400 Received: from outgoing-exchange-3.mit.edu (OUTGOING-EXCHANGE-3.MIT.EDU [18.9.28.13]) by PCH.mit.edu (8.14.7/8.12.8) with ESMTP id 08981YRs008308 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 9 Sep 2020 04:01:34 -0400 Received: from oc11exedge1.exchange.mit.edu (OC11EXEDGE1.EXCHANGE.MIT.EDU [18.9.3.17]) by outgoing-exchange-3.mit.edu (8.14.7/8.12.4) with ESMTP id 08981XH2009634 for ; Wed, 9 Sep 2020 04:01:33 -0400 Received: from w92expo15.exchange.mit.edu (18.7.74.69) by oc11exedge1.exchange.mit.edu (18.9.3.17) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Wed, 9 Sep 2020 04:01:33 -0400 Received: from oc11exhyb1.exchange.mit.edu (18.9.1.60) by w92expo15.exchange.mit.edu (18.7.74.69) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Wed, 9 Sep 2020 04:01:32 -0400 Received: from NAM02-BL2-obe.outbound.protection.outlook.com (104.47.38.55) by oc11exhyb1.exchange.mit.edu (18.9.1.60) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Wed, 9 Sep 2020 04:01:32 -0400 Received: from DM5PR06CA0088.namprd06.prod.outlook.com (2603:10b6:3:4::26) by SN6PR01MB3901.prod.exchangelabs.com (2603:10b6:805:27::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3348.15; Wed, 9 Sep 2020 08:01:31 +0000 Received: from DM3NAM03FT012.eop-NAM03.prod.protection.outlook.com (2603:10b6:3:4:cafe::29) by DM5PR06CA0088.outlook.office365.com (2603:10b6:3:4::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3348.16 via Frontend Transport; Wed, 9 Sep 2020 08:01:31 +0000 Received: from mail.aegee.org (144.76.142.78) by DM3NAM03FT012.mail.protection.outlook.com (10.152.82.116) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16 via Frontend Transport; Wed, 9 Sep 2020 08:01:29 +0000 Received: from localhost.localdomain (87.118.146.153.topnet.bg [87.118.146.153] (may be forged)) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id 08980LTn2606930 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Wed, 9 Sep 2020 08:01:07 GMT Message-ID: <6431e77f71529406c93d3ee64caf1a15e6b4f561.camel@aegee.org> From: "Дилян Палаузов" X-MS-Exchange-Crosstenant-Fromentityheader: Internet X-Forefront-Antispam-Report: CIP:144.76.142.78; CTRY:DE; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.aegee.org; PTR:mail.aegee.org; CAT:NONE; SFS:(4636009)(39860400002)(396003)(136003)(346002)(376002)(26005)(83380400001)(336012)(68406010)(356005)(7636003)(8676002)(426003)(6666004)(7596003)(70586007)(956004)(2906002)(5660300002)(6862004)(316002)(86362001)(36756003)(786003)(4744005)(2616005)(498600001)(88636002)(42866002); DIR:OUT; SFP:1102; X-MS-Exchange-Crosstenant-Network-Message-ID: 0bfdbabf-cccc-4ef2-2086-08d854968f49 X-MS-Exchange-Transport-Forked: True X-MS-Exchange-Transport-Crosstenantheadersstamped: SN6PR01MB3901 X-MS-Exchange-Crosstenant-Authsource: DM3NAM03FT012.eop-NAM03.prod.protection.outlook.com MIME-Version: 1.0 X-Microsoft-Antispam: BCL:0; X-Beenthere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Approved-At: Wed, 16 Sep 2020 18:11:44 -0400 X-MS-Traffictypediagnostic: SN6PR01MB3901: X-MS-Office365-Filtering-Correlation-ID: 0bfdbabf-cccc-4ef2-2086-08d854968f49 Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jA+W3IxJpuohPA4wMcKY1dzgOUC65w1nugNhrQHU/4w=; b=qkxUlvdBy2dnVYewVSkrOe1BruA6MROHjHe1p1IekFNp6jbK3tpds3dVqAgjmf1xS7Y9ACjmhvMfxTRvIQXYXLLns9ssrT8ZRILYzjseJ1sbAP2ZdEOZkqOlrhDUJTYllz/zkpxo1q+FlmcZlkCcWeIf4L3aX40mb2PKZNFunww= Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1599638484; i=dkim+MSA-tls@aegee.org; bh=RC7rcsviUyu11920m/7PkNRQUCCOOOSXipZVxnmtvc0=; h=Subject:From:To:Date; b=F0ymhg00V8oc5Sz8l29p3rwhqIi351kosdDZbeKvG6NML8ZLNz5w/OCqXRBC8hpa7 EtAaDQIDGMhD8TGLkA3DTcMn3joZ2WIcfbWIaQa3ko+kMgUdVDFz2cXpa63+42c6d6 i8PrRjAecxtc0+FXY7PwLIEs1Q5x3k965DQOZa3zIRK+9rSXYaGcqLtjteyt0BGuT1 SZc7Jn4RVfADeH7mHIZa7zMpy1RjnlaYnaufXrsIzL/rYlwApRlv4AUW8Nz7qO0q8p z95oaOZsJkSq9Az51lKL8u0RXpU9n3NgYrcJg7Eq3YNElV8jfx0qAzbdMdAgyhpXh3 kvU1+KU++tIcTrnSAy/AtnaHVEO09dUV9zDNjIx5XoYpOScCcsKXYYRNvTI5M1jp3Z 6+sS+so9XXGXyxFFDzfTz4UWx+KyG91FfEmlWlxfPjYYcU2n3sy0Q7LJ5zcrBDPTAR X/nDNSvjG15dxYQ5QmyKAfr3zIrcTg3GSCEFsJ8kZJy4xE9GLr6pL+2MozO0oxU2cC 21vzdoypqfrCZhcscI7PN8WuL7a7OJgNxZJjV06Dq/leoftF6W02iOV+eqTzRRgiCW 7dkiyNtNa6ywmOx1GhHHglXP8jQYrm66q1J2/n8NmI9LvpdTscRWmcbcXp71/ZDqvy jpKRbPLPjNUfjQhiJkiSxb7I= Authentication-Results: spf=none (sender IP is 144.76.142.78) smtp.mailfrom=aegee.org; mit.edu; dkim=pass (signature was verified) header.d=aegee.org; mit.edu; dmarc=pass action=none header.from=aegee.org; X-Auto-Response-Suppress: DR, OOF, AutoReply Received-SPF: None (protection.outlook.com: aegee.org does not designate permitted sender hosts) To: "krb5-bugs" Arc-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none X-MS-Exchange-Crosstenant-Originalarrivaltime: 09 Sep 2020 08:01:29.4649 (UTC) Arc-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jIOOudT1bSKzBpZvZSigMggMQ/zr5Gm1EQacqSK9bSBy0erLZ+y1igrhhXnTPGm8NmreOeNhySXXmuxxhTmOD9iub3rGyvL65UKqScP6BG0eNvMHWMSiPcTYhO/fVdivHvnpJcAL1OkULm65yHZ6pxLE1mD4ndKOBTz2l2ACg6URUjwOZ6u7URVOI+VGRzNFu1/uCVLZQgqBMymKosZbXTfTysa9HXlCpIrHvL1PqPSQwdR6drYdAqKJitA9qy/blOTZsd9S9eGB2qET5dpZFFgplAqkfFd0qgYfE2X5+B6LYuJbUNnjDOPveclE5IqT8LzFOk2bcoL2ach78LNrrA== Content-Transfer-Encoding: 8bit X-MS-Oob-TLC-Oobclassifiers: OLM:8882; content-type: text/plain; charset="utf-8" Authentication-Results-Original: mail.aegee.org/08980LTn2606930; auth=pass (LOGIN) smtp.auth=didopalauzov@aegee.org Authentication-Results-Original: mail.aegee.org/08980LTn2606930; dkim=none X-Eoptenantattributedmessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0 Subject: Provide Means to Prevent a User Changing its Password X-RT-Original-Encoding: utf-8 X-RT-Interface: Email Content-Length: 557 Hello, I want to provide a service for many users, that can be used over Kerberos. Users shall be able to change their passwords over the kpasswd-protocol or using a website. For demonstration purposes, I want to provide a user with public password, where anybody can try the service, using that username/password, before creating a private username/password. I do not want, that the the public password can be changed over the kpasswd- protocol. Please add some means to achieve this, e.g. by a new attribute to the principals. Regards Дилян