krb5_sname_to_principal or LDAP/SASL/GSSAPI and reverse DNS

Sam Hartman hartmans at MIT.EDU
Tue Apr 8 17:22:52 EDT 2003

Generic keys are insecure because of replay cache issues.

Command line options are not really acceptable because there is no way
to pass that information through GSSAPI or SASL.

A config file option is not really very good because it is a property
of the server what you need to do, not a property of your client.

More information about the krbdev mailing list