[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Turning off hostname canonicalisation

To: heimdal-discuss@sics.se, krbdev@mit.edu
Subject: Re: Turning off hostname canonicalisation
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Date: Tue, 13 Sep 2005 14:59:50 -0400
In-Reply-To: <4327200D.2060200@mit.edu>
Sender: owner-heimdal-discuss@sics.se

>Ken has choosen to treat the krb5.conf file as the configuration file
>for applications he bundles with Kerberos.   The choice of options that
>he uses are a site local issue provided that they do not conflict with
>the namespace used by the Kerberos libraries.   I believe that all we
>need to do is document (whenever we get around to documenting anything)
>that [appdefault] is an unmanaged name space that does not impact the
>behavior of the Kerberos libraries when used by applications.

That's fine with me.  I've explicitly tried not to put anything in
[appdefaults] that affects the behavior of the Kerberos library (in
fact, I am pretty sure that nothing that I have in krb5.conf affects
the behavior of the Kerberos library).  I used to use some stuff that
would change default ticket lifetimes, but even that code wasn't parsed
by the Kerberos library, but instead by programs like kinit.

--Ken

Prev by Date: No Subject
Next by Date: Re: Turning off hostname canonicalisation
Prev by thread: Re: Turning off hostname canonicalisation
Next by thread: [SAMBA4][PATCH] Fix up AES sign/seal on DCE/RPC
Index(es):
- Date
- Thread