In Samba's snapshot of Heimdal, we have been having some trouble with expired certificates and PKINIT. The error we were getting was 'salt type 3 not valid' (caused because a PKINIT error reply doesn't send normal encryption types), rather than a sensible error. This should be easily reproduced by grabbing Samba4 alpha2, or I can post the certificates we were using. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
This is a digitally signed message part