[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: why heimdal over MIT?
>For those of you running heimdal, why did you select it over MIT?
We chose to use Heimdal as the basis for our proprietary authentication
server for a number of reasons, including:
o a history of using Heimdal from before MIT was exportable (we're
o a well abstracted backend architecture that eased the implementation
of directory server-based backends
o an ASN.1 compiler that eased the implementation of extensions (for
example, RFC 3244)
o support for MD4 passwords (I know MIT has this now)
Of course, none of these things may matter to you...
>I am specifically intersted in knowing if MIT supports PK-INIT,
>and if heimdal supports use of DNS SRV records.
I believe Heimdal does support DNS SRV records for KDC location. I
am not aware of any PKINIT support for MIT but there are patches for
Heimdal to support this.
Luke Howard | PADL Software Pty Ltd | www.padl.com