[37086] in Kerberos
returning krb5_rd_req error code to clients
daemon@ATHENA.MIT.EDU (Chris Hecker)
Sat Jun 13 07:38:49 2015
Message-ID: <557C163A.40501@d6.com>
Date: Sat, 13 Jun 2015 04:38:34 -0700
From: Chris Hecker <checker@d6.com>
MIME-Version: 1.0
To: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Is it a problem to return the krb5_rd_req error code on failed authn to
clients? Is that revealing information it shouldn't and I should just
return success or failure? Or filter it down to a few safe ones, like
clock skew, etc?
Chris
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
