Nicolas Williams <Nicolas.Williams at oracle.com> writes: > Also, the kadmin client could delete old keys from keytabs > automatically, specifically removing keys whose kvnos are not listed as > valid by kadmind. You only want to do that if the maximum ticket lifetime has passed. -- Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>