Proposal for using NAPTR/URI records
Nico Williams
nico at cryptonector.com
Fri Feb 27 12:26:36 EST 2015
On Fri, Feb 27, 2015 at 10:52 AM, Simo Sorce <simo at redhat.com> wrote:
> On Fri, 2015-02-27 at 10:38 -0600, Nico Williams wrote:
>> I think this adds up to: multiple DNS queries, with some local
>> configuration will be needed to decide on a DNS query order.
>
> My preference would be to implement the URI protocol, but not enable
> querying for it by default in 1.14, add a tunable in [libdefaults ]
> called something like dns_uri_lookup_kdc = false|true|only and set it to
> false by default, change it to true later on ? (let downstream change
> the default if they so desire)
Yes, this. Eventually this should be enabled by default. We can give
sites a couple of years to move to URI RRs instead of SRV RRs.
Nico
--
More information about the krbdev
mailing list