On Mon, 2016-12-12 at 09:42 +0100, Christian Heimes wrote:
> Hi Simo,
> I'm wondering if we need to change kdcproxy for anon pkinit. What kind
> of Kerberos requests are performed by anon pkinit and to establish a
> FAST tunnel? python-kdcproxy allows only request types AS-REQ, TGS-REQ
> and AP-REQ+KRB-PRV. Responses are not filtered.
No changes needed, we only use AS and TGS request types.
Simo Sorce * Red Hat, Inc * New York
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code