Salt for aliases

[Sam Hartman]

We had hoped to test salting of aliases and some canonicalization issues at the interop event.

Unfortunately, that testing never happened.

I suspect that if you use aliasing for user name aliases that you
really want to have the KDC return a specific salt string in the
etype_info2 based on the canonical principal name.

This is out of scope of anything I'm currently working on and I would
not count on me for having time to deal.

--Sam