>>>>> "Fredrik" == Fredrik Tolf <[EMAIL PROTECTED]> writes:
>> This comes up often enough that I'm thinking we should
>> reconsider our decision not to listen on localhost.
Fredrik> Would you mind me asking why you made that decision in
Fredrik> the first place? I can see no obvious reason for it.
If you are using IP addresses in your tickets, you want to make sure
that you never talk to the KDC on localhost. Also, you want to make
sure you never include localhost in the set of addresses in your
ticket. I think we use the same API to find local addresses to
include in tickets as we do to find local interfaces.
--Sam
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
