On 07/12/2013 11:33 AM, Erinn Looney-Triggs wrote: > GSSAPI inside of a TLS channel apparently isn't secure unless the > channel is secure and verified. The irony being that GSSAPI auth outside > of a TLS connection is just fine for postfix.
Is this really the case? I am under the impression that Kerberos is secure enough outside of the TLS tunnel and this is would be just a precaution rather than a security measure. -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users