22 sep 2011 kl. 11:08 skrev Danilo Almeida: > Adding OS authorization notions such as username or uid as a new calls into > GSSAPI seems like a really bad idea Not having it creates security bugs, there are plenty examples where people do gss_display_name() and then cut the string at the @ and call it a username. Love