On Jun 5, 2013 12:18 PM, "Trevor Vaughan" <[email protected]> wrote: > > Given that you're going to be using client certs for encryption, why would you bother with Kerberos authentication?
This is what I was wondering as I read this too. One benefit I could see (but at a much smaller scoped project) is the ability to securely auto-sign certs. If you're already joining a machine to a Kerberos realm, it would be one less step if you could use that trust to provide validation for signing Puppet's client cert. Might be a bigger win for Windows systems, where Kerberos is all but required. Wil -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-dev?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
