Hi Simo,

>> I guess the proposed credential option is necessary, in that case.
> I think in this case ignoring the flag should probably be conditional
> to whether a PAC is present.

We should enforce a PAC always to be present, as we don't support
trusted domains with LSA_TRUST_TYPE_MIT anyway.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to