[36559] in Kerberos
Re: No mention of _kerberos TXT in RFCs / but we have DNSSEC now
daemon@ATHENA.MIT.EDU (Rick van Rein)
Sun Oct 19 10:52:27 2014
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Rick van Rein <rick@openfortress.nl>
In-Reply-To: <FC381283-C7D6-42AE-86F5-4A9B88C0FDB0@openfortress.nl>
Date: Sun, 19 Oct 2014 16:51:14 +0200
Message-Id: <53478307-5DE6-4BBD-804E-1EA5EF9290AA@openfortress.nl>
To: kerberos@mit.edu
Cc: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Content-Type: text/plain; charset="windows-1252"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello all,
Based on the responses in this thread, I have drafted a proposal for TXT records, and posted it to Kitten.
Any feedback on this is welcome and helpful; but Kitten is probably the best place for it.
Thanks,
-Rick
> After a discussion on kerberos@mit.edu about the TXT records that never made it into a standard, we realised that the recent success of DNSSEC provides a new opportunity for this dnsname-to-realmname mapping. Below is a proposal to that end.
>
> Title: Finding the Kerberos Realm of a Service in DNS
> Draft: draft-vanrein-dnstxt-krb1-00
> Location: http://datatracker.ietf.org/doc/draft-vanrein-dnstxt-krb1/
>
> This is part of my endeavour to move Kerberos towards realm crossover, for which finding a service’s realmname can be all but trivial.
>
> Any comments on this are highly appreciated!
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
