[krbdev.mit.edu #8925] [Comment] qualify_shortname default can be harmful in LAN setups

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[krbdev.mit.edu #8925] [Comment] qualify_shortname default can be harmful in LAN setups

Greg Hudson via RT

https://krbdev.mit.edu/rt/Ticket/Display.html?id=8925
This is a comment.  It is not sent to the Requestor(s):

In the previous comment, I meant to say S4U2Proxy, not S4U2Self. This wrinkle
cannot be ironed out, because krb5_get_credentials() can only see the evidence
ticket, not the client name within, so it cannot check the cache.


_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs