[348] in Kerberos
re: converting a hostname into its realm
daemon@TELECOM.MIT.EDU (srz@ATHENA.MIT.EDU)
Mon Apr 4 17:08:53 1988
From: srz@ATHENA.MIT.EDU
To: Saltzer@ATHENA.MIT.EDU
Cc: kerberos@ATHENA.MIT.EDU
The problem with going at it sequentially is that you are assuming that
the service names are going to be unique for each realm. For instance,
if I am in the LCS.MIT.EDU realm, and I want to log onto
KERBEROS.MIT.EDU, I would be asking for the service "rcmd.kerberos".
If that service were registered in the LCS realm, I would
get tickets valid for KERBEROS.LCS.MIT.EDU, not KERBEROS.MIT.EDU.
Similar problems occur for generic service names, such as
"zephyr.zephyr".
I think the routine that John suggested should be defined, even though
the exact implementation may be site-specific. That way, different
sites can make tradeoffs between flexibility and the cost of network
traffic. If we assume that different services on the same server
may be in different realms, then perhaps the service name should
be another argument to this routine.
