On 21 Jan 2002, Sam Hartman wrote: > No, at worst a principal is granted access because a service > assuming the KDC does authorization is deployed in a realm where > this is not the case. The interop problem happens when someone > wants to deploy a service but realizes they cannot do so because > it requires authorization features their realm does not support.
hmm.. > I am aware of no widely deployed Kerberos applications without > authorization support. pam_krb5? --paulj
