RX Kerberos 5 security class requirements of Kerberos library

Nicolas Williams Nicolas.Williams at sun.com
Wed Jan 3 11:56:08 EST 2007

On Wed, Jan 03, 2007 at 09:19:49AM -0500, Jeffrey Altman wrote:
> Sam> I'm explicitly trying to limit this API to localauth.  Nico
> Sam> disagrees with that.

Well, no, I'm saying that for localauth AFS should use OS facilities,
not Kerberos or any other security mechanism.  And I'm saying that a
Kerberos-based PSK mechanism should be more general if there will be one
at all.

> We can enforce the localauth case by how the client keytab is used.



More information about the krbdev mailing list