[29751] in Kerberos
Re: Is a Kerberos principal always a DNS name?
daemon@ATHENA.MIT.EDU (Booker Bense)
Thu Apr 24 14:01:37 2008
From: bbense@slac.stanford.edu (Booker Bense)
Date: Thu, 24 Apr 2008 17:42:58 +0000 (UTC)
Message-ID: <fuqgr2$iuj$1@news.Stanford.EDU>
X-Complaints-To: news@news.stanford.edu
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
In article <fupovd$25qp$1@relay.tomsk.ru>,
Victor Sudakov <vas@mpeks.no-spam-here.tomsk.su> wrote:
>Colleagues,
>
>Is a Kerberos principal always a DNS name? Can't an IP literal be used?
>
It's whatever both sides of the connection argee that it should
be BEFORE the connection is made. DNS names are used by default
since that makes an easy out of band way to get both sides to agree.
You can use IP addrs if you can wrangle both client and server
software into using them. I'm not aware of any standard clients
that will support that kind of usage though.
_ Booker C. Bense
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
