Turning off hostname canonicalisation
Jeffrey Hutzelman
jhutz at cmu.edu
Tue Sep 13 15:10:51 EDT 2005
On Tuesday, September 13, 2005 02:59:41 PM -0400 Sam Hartman
<hartmans at mit.edu> wrote:
>>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
>
> Nicolas> The proposed set/change password version 2 protocol deals
> Nicolas> with principal aliasing...
>
>
> It requires that the KDC be able to enumerate all the principals that
> a particular service can be known as. That is not compatible with
> case insensitive keytabs in an interoperable manner.
You've used that phrase twice now, and I still can't figure out what it
means. What requirement do you see that is not being met?
Note that a KDC _could_ enumerate all possible mixtures of upper and lower
case for a given principal name. It'd be sort of suckful compared to just
making matching case-insensitive, but it could be done.
-- Jeff
More information about the krbdev
mailing list