E.9 Commonly Used Terms

The following table defines the terminologies commonly used with Kerberos and GSSAPI.

Table E-1 Kerberos/GSSAPI Terminology

Term

Definition

Key Distribution Center (KDC)

Kerberos server which authenticates users and issues tickets.

Principal

An entity (user or service instance) registered with the KDC.

Realm

A domain or grouping of principals served by a set of KDCs.

Service Ticket (ST)

A record containing client information, service information, and a session key which is encrypted with the particular service principal’s shared key

Ticket Granting Ticket (TGT)

A type of ticket that the client can obtain additional Kerberos tickets with.