On Mon, May 27, 2013 at 3:51 PM, Greg Hudson <[email protected]> wrote: > More generally, I'm not sure the pam_krb5 module ought to be driving the > decision to use PKINIT. [...]
Well, certainly the KDC must decide how some principal is authenticated. But local policy must also be allowed to set a bar. Nico -- ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
