On Fri, Sep 19, 2008 at 12:53:13AM -0400, Ken Raeburn wrote: > On Sep 17, 2008, at 20:04, Will Fiveash wrote: > > - No reverse DNS lookup in krb5_sname_to_principal() > > *sigh* > > This will be a behavioral change. We should also not be doing the DNS > lookup to canonicalize the name in the first place, but fixing that > requires other support (having the KDC recognize aliases, etc); that > will also be a behavioral change. I think we've been maintaining the > status quo until we can inflict just one massive change on the end > sites instead of two.
I've a plan. We should discuss this. For me the krb5_sname_to_principal() issues are extremely annoying, and I'd be tempted to request that they be given higher priority, except that it's been so broken for so long that a few years more might not hurt. OK, I'm kidding about "years." Nico --
