On 07/12/2013 11:33 AM, Erinn Looney-Triggs wrote:
> GSSAPI inside of a TLS channel apparently isn't secure unless the
> channel is secure and verified. The irony being that GSSAPI auth outside
> of a TLS connection is just fine for postfix.

Is this really the case? I am under the impression that Kerberos is
secure enough outside of the TLS tunnel and this is would be just a
precaution rather than a security measure.

Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.

Looking to carve out IT costs?

Freeipa-users mailing list

Reply via email to