Quoting Ken Raeburn <[EMAIL PROTECTED]>: > On Jan 10, 2006, at 03:27, Turbo Fredriksson wrote: >> Quoting "Douglas E. Engert" <[EMAIL PROTECTED]>: >>> The kadmin/[EMAIL PROTECTED] should be kadmin/ >>> [EMAIL PROTECTED] >>> i.e. host names in Kerberos are always FQDN. >> >> Just for completeness, my extream curiosity etc. Why EXACTLY is >> that. If the >> DNS works perfectly (both forward and reverse), then it should be >> possible to >> NOT have the FQDN... ? > > There may be hosts from multiple subdomains in one realm. For > example, foo.dev.example.com and foo.sales.example.com; if you use > only the first component, host/[EMAIL PROTECTED] corresponds to which...? > >> And why not use IP's (other than if the IP change, the >> key is invalid)?
Oki, point taken. I'm trying to put this information into my own use, and I only have _one_ machine called 'foo', so that/this reason isn't valid for _me_. > Isn't that a pretty good reason right there? Absolutly! I was wondering if there where any other, not so obvious ones :) > Also, a host may have multiple IP addresses. (Then again, it may > also have multiple names....) True, but (again), in my usage there's only _one_ 'primary' IP, the rest is "sub-IP's" (used for SSL sites etc, nothing else). ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
