Add description of keytab encoding

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5784 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 20 insertions, 2 deletions

diff --git a/doc/kadmin/kadmin.protocol b/doc/kadmin/kadmin.protocol
index e534d39555..d48767b9ad 100644
--- a/doc/kadmin/kadmin.protocol
+++ b/doc/kadmin/kadmin.protocol
@@ -221,11 +221,12 @@ o Returns
 	NOT_AUTHORIZED		- not allowed to perform this
 	P_DOES_NOT_EXIST	- principal does not exist
 o Supplemental Returns
-	<octet-string>		- if successful
+	<keytab-entry>		- if successful
 	error message text	- if failure
 o Description
 	If the specified name/instance exists in the database, then
-	extract the service key entry and return it in <octet-string>.
+	extract the service key entry and return it in <keytab-entry>.
+	The description of <keytab-entry> follows below.
 o Access Required
 	Client principal must have EXTRACT permission.
 
@@ -271,3 +272,20 @@ Note: The value for SALTTYPE is a comma-separated list of strings.  The
 individual values for these may be either "KRB5" or "KRB4" or a site-specific
 value.
 
+Keytab Entry
+------------
+If the EXTRACT SERVICE KEY function is supported, then the successful
+response to this command is the key entry.  This is a series of 6
+reply components as follows:
+
+component	type		value
+---------	---------------	-----------------------------------------
+	1	<string>	Principal name
+	2	<integer>	Key entry timestamp
+	3	<integer>	Key's version number.
+	4	<integer>	Key's keytype.
+	5	<integer>	Key's encryption type.
+	6	<octet-string>	Key's key value.
+
+All of these components are mandatory.
+