Sergio Gelato wrote: > * Russ Allbery [2007-03-16 15:11:20 -0700]: >> Jeff is talking about additional functionality that several of us would >> like to add to the Kerberos KDC that lets you create a new key (and hence >> a keytab and hence pre-populate the KeyFile) without having the KDC >> immediately start using it for service tickets. > > Out of curiosity, is AFS the only intended application for this? > It seems to me that the day AFS will finally use standard Kerberos 5 > keytabs and per-server principals the problem will be much milder. > Granted, one may not want to wait that long.
The desired key rollover and rollback functionality is not specific to AFS. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
