[16540] in Kerberos_V5_Development
Re: Issues with Active Directory <-> MIT x-realm key replacement
daemon@ATHENA.MIT.EDU (hartmans@mit.edu)
Thu Dec 9 08:24:29 2010
MIME-Version: 1.0
From: hartmans@mit.edu
Date: Thu, 09 Dec 2010 08:24:08 -0500
To: Tom Yu <tlyu@mit.edu>
Message-ID: <870bed4a-8df3-4d0d-8e2c-a046e789fa7b@email.android.com>
Cc: jaltman@secure-endpoints.com, "'krbdev@mit.edu'" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
I thought that was true but did not remember it from the readme.
"Tom Yu" <tlyu@MIT.EDU> wrote:
>Sam Hartman <hartmans@MIT.EDU> writes:
>
>> 2) We plan to implement behavior that allows an administrator to purge
>> old keys. Once that is done your approach wil definitely be fine. I
>> think even without this it is fine.
>
>Manual purging of old keys (when there are multiple kvnos for a
>principal) is already implemented in the upcoming 1.9 release.
>
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
