Implementing IETF Draft on DNS use in Kerberos
Derek Atkins
warlord at MIT.EDU
Fri Jul 19 23:10:00 EDT 2002
Sam Hartman <hartmans at MIT.EDU> writes:
> Yes. Note however a security problem exists when the DNS support is
> used for determining something other than the local realm.
True. Hopefully DNSSEC will mitigate this threat (if/when it gets
deployed ;)
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the krbdev
mailing list