On Jan 10, 2006, at 03:27, Turbo Fredriksson wrote: > Quoting "Douglas E. Engert" <[EMAIL PROTECTED]>: >> The kadmin/[EMAIL PROTECTED] should be kadmin/ >> [EMAIL PROTECTED] >> i.e. host names in Kerberos are always FQDN. > > Just for completeness, my extream curiosity etc. Why EXACTLY is > that. If the > DNS works perfectly (both forward and reverse), then it should be > possible to > NOT have the FQDN... ?
There may be hosts from multiple subdomains in one realm. For example, foo.dev.example.com and foo.sales.example.com; if you use only the first component, host/[EMAIL PROTECTED] corresponds to which...? > And why not use IP's (other than if the IP change, the > key is invalid)? Isn't that a pretty good reason right there? Also, a host may have multiple IP addresses. (Then again, it may also have multiple names....) Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
