requiring canonical hostnames

[James Matthews]

Our kerberized Mac FTP client (Fetch) does a reverse name lookup of 
the server's IP address to get a canonical hostname before requesting 
tickets from Kerberos.  Some users are in situations where reverse 
name lookup for the server address fails, and currently that prevents 
Fetch from making GSS Kerberos logins.  Would there be adverse 
security implications to having Fetch fall back on using the hostname 
entered by the user when reverse name lookup fails?  Apple's Mail and 
AFP clients appear to work in this case, which makes me suspect that 
they are using this (or some other) work-around.

Thanks,
-- 
Jim Matthews
Fetch Softworks
http://fetchsoftworks.com