Jeffrey Altman <[EMAIL PROTECTED]> writes:
> Also, the use of TXT records to determine which realm a service
> belongs to is insecure and is disabled by default in MIT Kerberos.
> You would need to explicitly enable this functionality in your
> krb5.ini file in order to use it.
... but I'm using MIT Kerberos on all three machines (Win32, Linux,
and MacOS). Why do I see different behavior on MacOS?
I checked the krb5.ini vs krb5.conf on these machines, and the only
material difference is that the Win32 machines have an additional line
("dns_lookup_kdc=true"), which I don't think would explain this.
So, setting aside for a second the question of whether or not TXT
records are secure, why am I seeing different behavior?
- a
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
