Turning off hostname canonicalisation

Jeffrey Altman jaltman at MIT.EDU
Mon Sep 12 13:14:23 EDT 2005

The answer is 'no'.  Settings in [appdefaults] are not for reading by
the Kerberos libraries.  They are for reading by the application.

Jeffrey Altman

Henry B. Hotz wrote:

> As another branch of this subject tree:  The option being discussed is 
> for [libdefaults].  Will the parsing code pick it up in [appdeafaults] 
> as well?  I would imagine that different app's might be coded 
> differently and might need different behavior to work correctly.
> On Sep 12, 2005, at 9:02 AM, krbdev-request at mit.edu wrote:
>> Without
>> canonicalisation I would need to create keytab for app.test.com and
>> distribute to every system, which can be painful in a bigger 
>> environment. So
>> I see a need to keep canonicalisation on a service by service case
>> and  not
>> as a global switch.
> ------------------------------------------------------------------------
> ----
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
> _______________________________________________
> krbdev mailing list             krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2707 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20050912/4cfaf316/attachment.bin

More information about the krbdev mailing list