question about krb5_verify_init_creds() and verify_ap_req_nofail

Greg Hudson ghudson at MIT.EDU
Sat Jan 15 19:40:51 EST 2011


On Fri, 2011-01-14 at 16:21 -0500, Will Fiveash wrote:
>   If that is true, shouldn't the
> MIT default be more restrictive and require an admin to explicitly set
> verify_ap_req_nofail to false in krb5.conf if they are less concerned
> about KDC spoofing?

Perhaps if we were designing the feature today.  But if we were to
change the default in, say, 1.10, that would play havoc on sites using
pam_krb5 on unkeyed systems.




