Ticket 5338: Race conditions in key rotation
Jeffrey Hutzelman
jhutz at cmu.edu
Wed Jun 25 16:15:59 EDT 2008
--On Wednesday, June 25, 2008 03:49:28 PM -0400 Jeffrey Altman
<jaltman at secure-endpoints.com> wrote:
> This is not true. The delay when a server is down is the timeout waiting
> for any response
> not the time necessary to get KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN and retry.
Without your change, the delay when a server is down is the same as the
delay when a server is not down, which is the time necessary to get
KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN and move on to try the next service
principal name. There is no timeout because the routing configuration
guarantees the request does not go to the server that is down.
With your change, the delay is the time to get
KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN from a working server, plus the time to
timeout the request to the admin server, which is down.
Unless, of course, I'm misreading your earlier statement that
> This definition is specified either via the use of the "master_kdc" entry
> in the realm section of the krb5.conf (the profile) or in DNS SRV records.
-- Jeff
More information about the krbdev
mailing list