Kerberos transport DNS record design
Matt Rogers
mrogers at redhat.com
Wed Jun 1 10:49:04 EDT 2016
On 05/31, Greg Hudson wrote:
> On 05/31/2016 03:13 PM, Nathaniel McCallum wrote:
> > _kerberos-adm.REALM
> > _kerberos.REALM
> > _kpasswd.REALM
>
> _kerberos.REALM TXT is currently used to look up the realm of a hostname
> (see lib/krb5/os/hostrealm_dns.c), so we should use a different prefix
> label, like _krb5kdc or _kdc.
>
> I have no other objections.
The wiki page should be up to speed now. I added some additional notes
about priority and fallback behavior that were discussed in IRC. A
quick review would be appreciated.
https://k5wiki.kerberos.org/wiki/Projects/KDC_Discovery
--
Matt Rogers
Red Hat, Inc
More information about the krbdev
mailing list