[OpenAFS-devel] More on aklog
Ken Hornstein
kenh@cmf.nrl.navy.mil
Mon, 11 Oct 2004 22:10:18 -0400
>Jeff Altman explained why in the RT ticket you opened; Basically, "because
>it can lead to 2 principals being treated as the same one".
I feel it's only fair to say that I know someone that got screwed,
hard, because of this code. Yeah, it can lead to two principals
being treated the same: so what? So far it's only seemed to cause
people problems, because this _USED_ to work fine with krb524d,
which people used FOR YEARS without any problems, confusion or
security incidents. The end result is that it's not a seamless
upgrade from a V4 ticket to a V5 ticket with krb524d, and that
sucks.
--Ken