I'm sorry. I'm still not seeing a harm here. I absolutely agree that setting a default realm to something unexpected would be problematic. However simply having a realm listed in krb5.conf doesn't have any affect unless you try to use that realm. It's not like settind the default URI for ldapsearch or adding relay configuration to main.cf.
what it means is that if you try to use that realm (and the information is correct) then it will work. I'll definitely remove the cruft, because you're right that krb5-config has bitrotted a bit. However, I consider making it so that using a particular kerberos realm will *work* if a user tries to do that consistent with the principle of least surprise. If something is causing a Kerberos realm to get used unintentionally as a result of this, I'd consider that a bug, although I'd suspect it would probably not be a bug in krb5-config.
