[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
after using MIT Kerberos I am new to Heimdal Kerberos and would like to
ask one rather practical and another rather theoretical question:
1) Which configuration information has priority: the one provided by DNS
or the one from the local configuration file /etc/krb5.conf (I got some
strange effects with a fresh Heimdal test installation in the context of
a different MIT production installation)?
2) Does the recent Heimdal 0.8.1 implementation of pk-init take care of
the issues raised in "Breaking and Fixing Public-Key Kerberos" (I.
Cervesato, A.D. Jaggard, A. Scedrov, J.-K. Tsay, and C. Walstad) which
resulted in the latest IETF draft?
This pkinit extension comes very handy e.g. wishing to combine the
Kerberos related AFS file service and grid computing with
key/certificate based authentication.
Thank you very much for your work,