"Secure coding" audit checkers and Kerberos

John Hascall john at iastate.edu
Wed Oct 15 17:54:48 EDT 2008

> > At some point we need to just tell people to join the 21st^H^H^H^Hlate
> > 90s and run something vaguely compliant with standards and with at
> > least some attention to security.

> Agreed.  See also "Supported platforms" (which I am working on
> clarifying).  I think that our resources can be better spent on modern
> and security-conscious platforms.

I also agree IFF either:
  a) it is known that all supported platforms have safe implementations, or
  b) it is known which don't and a known safe alternative is provided and used

Since "Supported platforms" is, at the moment, somewhat nebulous
I'm not sure that statement can be made (at this time).


More information about the krbdev mailing list