How often does MIT krb5 request for KDC info through DNS?
ballbery at sinenomine.net
Tue Aug 5 10:44:54 EDT 2014
On Tue, 2014-08-05 at 10:19 -0400, Greg Hudson wrote:
> That said, if the popular platforms aren't interested in providing
> service, at some point applications have to step in and solve the
> problem even if it's not optimal. We might add some amount of DNS
> caching in libkrb5 at some point (with a very low internal TTL),
> it isn't super high on the priority list.
Browsers do this these days. And balancing faster performance due to
local caching against correct operation took them a while. It's
something of a mess; it really does not belong in the application, as
brandon s allbery kf8nh sine nomine associates
allbery.b at gmail.com ballbery at sinenomine.net
unix openafs kerberos infrastructure xmonad http://sinenomine.net
More information about the krbdev