For client-driven cross-realm scenarios, I believe we should cache the TGTs we ask for, but not alternate TGTs. If we cache alternate TGTs, we could have the same kind of scenario where we repeatedly cache an alternate TGT because the overall TGS operation fails.