Notes on Kerberos kvno in Windows RODC environment

This blog talks about key version number (kvno) in a read-only domain controller (RODC) environment. A previous blog introduced kvno in general. Here, I look at specifics in RODC environment. For a refresher, the kvno is a field of the EncryptedData structure (RFC4120 Section 5.2.9). It indicates the version number of the key used to encrypt…


To KVNO or not to KVNO, what is the version!?

  Shakespeare knew nothing about Kerberos V5… Nothing!  But, I still like him! And that, despite the fact that he had the audacity to paraphrase me in his play “Hamlet”. Of course no one believes me! I must admit it would be much easier to convince you about this historic truth if I had been…