Fix documentation of armor cache based on fast negotiation project

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23579 dc483132-0cff-0310-8789-dd5450dbe970
author: Sam Hartman <hartmans@mit.edu> 2010-01-04 19:59:03 +0000
committer: Sam Hartman <hartmans@mit.edu> 2010-01-04 19:59:03 +0000
commit: 2758d6990b6ddef75c9884a08ea6840c18daab41 (patch)
tree: 0c4df6b20bee536e5dec5a4aa2fda24369b9a3f6 /src/clients/kinit
parent: ac5c3678bbc6295737e42bb0ac97efe341f41dfa (diff)
download: krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.tar.gz
krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.tar.xz
krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/src/clients/kinit/kinit.M b/src/clients/kinit/kinit.M
index 5b85772ac..f50ca3ac3 100644
--- a/src/clients/kinit/kinit.M
+++ b/src/clients/kinit/kinit.M
@@ -140,9 +140,11 @@ option; otherwise the default name and location will be used.
 .TP
 \fB\-T\fP \fIarmor_ccache\fP
 Specifies the name of a credential cache that already contains a
-ticket.  This ccache will be used to armor the request.  Ideally, an
-attacker should have to attack both the armor ticket and the key of
-the principal.
+ticket.  If supported by the KDC, This ccache will be used to armor
+the request so that an attacker would have to know both the key of the
+armor ticket and the key of the principal used for authentication in
+order to attack the request. Armoring also makes sure that the
+response from the KDC is not modified in transit.
 .TP
 \fB\-c\fP \fIcache_name\fP
 use
author	Sam Hartman <hartmans@mit.edu>	2010-01-04 19:59:03 +0000
committer	Sam Hartman <hartmans@mit.edu>	2010-01-04 19:59:03 +0000
commit	2758d6990b6ddef75c9884a08ea6840c18daab41 (patch)
tree	0c4df6b20bee536e5dec5a4aa2fda24369b9a3f6 /src/clients/kinit
parent	ac5c3678bbc6295737e42bb0ac97efe341f41dfa (diff)
download	krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.tar.gz krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.tar.xz krb5-2758d6990b6ddef75c9884a08ea6840c18daab41.zip