returning krb5_rd_req error code to clients

Chris Hecker checker at d6.com
Sat Jun 13 07:38:34 EDT 2015


Is it a problem to return the krb5_rd_req error code on failed authn to 
clients?  Is that revealing information it shouldn't and I should just 
return success or failure?  Or filter it down to a few safe ones, like 
clock skew, etc?

Chris



More information about the Kerberos mailing list