issue with MIT KDC and LDAP DS

[Jeffrey Hutzelman]

--On Friday, May 22, 2009 08:12:38 PM -0400 Ken Raeburn <raeburn at MIT.EDU> 
wrote:

> It is a backwards-incompatible protocol change (if you consider "stop
> sending queries after any response" to be part of the original protocol),
> but it's already deployed, some time ago.

I don't, particularly, but the original protocol didn't provide any way to 
signal to a client that it should try another KDC, and dropping the request 
on the floor works.

-- Jeff