[39461] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Why do "strict acceptor checking"?

daemon@ATHENA.MIT.EDU (Russ Allbery)
Tue Oct 8 21:20:24 2024

From: Russ Allbery <eagle@eyrie.org>
To: Ken Hornstein via Kerberos <kerberos@mit.edu>
In-Reply-To: <202410090033.4990XeEZ023125@hedwig.cmf.nrl.navy.mil> (Ken
 Hornstein via Kerberos's message of "Tue, 08 Oct 2024 20:33:39 -0400")
Date: Tue, 08 Oct 2024 18:19:01 -0700
Message-ID: <875xq213ay.fsf@hope.eyrie.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Ken Hornstein via Kerberos <kerberos@mit.edu> writes:

>> Me too. We've been recommending calling gss_accept_sec_context with
>> GSS_C_NO_CREDENTIAL for a long time, and almost no one does that.  it's
>> very annoying.

> It's comforting to know that at least I'm not the only old, grizzled
> Kerberos user that feels that way.

You definitely are not.  I don't know how many times I've tried to explain
this to people.

-- 
Russ Allbery (eagle@eyrie.org)             <https://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post