Subject: TGT, Ticket and Token
Author: Alex_Raj
Posted on: 05/20/2006 03:37:11 PM
In Kerberos terminology, ticket is a token which has a session key inside and is encrypted by a secret/master key. The main purpose ticket invented in Kerberos is to establish a secure means to transport the symmetric session key, as PKI technology being used in SSL/TSL to transport the symmetric session key.
TGT is a special ticket which is only decryptable by KDC and the inside session key is used between the owner and KDC. Usually is used for KDC to grant another ticket.
TGT is a very powerful security token. It's a digital piece of evidence that proves that a user's identity has been validated by the Kerberos KDC.
References: