[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: k4-cross-realm state in 0.6.2

Andrei Maslennikov <andrei@caspur.it> writes:

> Hello,
> could somebody tell us whether the option:
>     "enable-kerberos4-cross-realm=true"
> is currently seen as secure one in Heimdal 0.6.2? 

Kerberos 4 cross realm is broken on the protocol level and will never be
secure again. Its default turned off for that reason.


PGP signature