issue with MIT KDC and LDAP DS
jhutz at cmu.edu
Fri May 22 20:31:55 EDT 2009
--On Friday, May 22, 2009 08:12:38 PM -0400 Ken Raeburn <raeburn at MIT.EDU>
> It is a backwards-incompatible protocol change (if you consider "stop
> sending queries after any response" to be part of the original protocol),
> but it's already deployed, some time ago.
I don't, particularly, but the original protocol didn't provide any way to
signal to a client that it should try another KDC, and dropping the request
on the floor works.
More information about the krbdev