>I guess if I’m on a tear saying forbidden things, sometimes identity is all >you need, you don’t want all the samples to encrypt everything, because >that makes it look like you have to, which you don’t? It is use-case >dependent, and krb5 is great because it is granular enough to let >developers choose what they do for their own use-cases.
I'd like to push back on THIS a bit. While I agree that you don't ALWAYS need to encrypt everything, I would argue that in 2023 you should to encrypt everything 99% of the time, and the 1% you don't you should think about very carefully. And having the samples encrypt stuff would be helpful as examples (and to take later further point, the breakdown between sample/simple always confuses me as well). --Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
