Replacements for deprecated Kerberos APIs?
hartmans at MIT.EDU
Tue Aug 9 14:35:32 EDT 2005
I think your list is fairly correct. RFC 4120 doesn't have anything
like the initvector concept; you should only need that API if you have
a really old protocol to deal with.
There are not replacements for the get_in_tkt calls besides password
and keytab. We haven't seen much of a demand for them and it made
dealing with preauth challenging. If people want a replacement for
krb5_get_in_tkt_skey we can create a memory-based keytab to use.
More information about the krbdev