Compatibilty between mixed kerberos release (KDC 1.12 client 1.10).

[Ken Hornstein]

>Is there any general wisdom out there about mixed KDC/Client versions?  Are
>there concerns around allowing environments drift to where a KDC would be
>on a later release than the clients?

FWIW, we run a whole bunch of crazy versions of Kerberos, and generally
there is not an interoperability problem; the protocol is pretty well
specified and in general everything works fine at that level.

>There seems to be a change in default behavior in the 1.12+ where renewable
>tickets must be specifically requested (RHEL 7 is including the 1.12 as the
>tested krb release in platform).

This is more of a problem, but I don't consider this an interoperability
issue.

--Ken