Ie want to teach one of our applications to perform a basic Kerberos authentication dialogue (receive KRB_AP_REQ, send KRB_AP_REP).
Somewhere in the application we have to check whether a Kerberos user (principal@realm) is allowed to use the service, and at this place I would like to restrict the length of the user name to some fixed value. Is there any "practical" agreement on how long principal@realm strings can be? 128 would seem enough even if X.500 realms are involved. I have no technical difficulties with setting the limit to 256 or even 1024 bytes, but I'd feel rather foolish if the rest of the world knows that no kerberos admin ever has created such names.... -- Cheers, haj ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
