attribute to require pkinit?

Ken Hornstein kenh at
Tue Nov 28 15:25:50 EST 2006

>Is there a need/desire to have a per-principal db attribute which
>requires a user to use pkinit to authenticate?

I can think of cases where it would be useful (we make use of the feature
to require some users to use hardware preauth).


More information about the krbdev mailing list