TGS-REQ: Ticket Granting Server Request (User to KDC)
User requests KDC for a service ticket using TGT. The service ticket is also called a TGS ticket, though TGS is also the name of the service which is confusing.
- Message 1 to TGS; cleartext
- Service name / ID
- Requested lifetime for service ticket
- Message 2 to TGS: User Authenticator; encrypted with TGS session key
- Username / ID
- Timestamp
- Message 3 to TGS: forwarded TGT