On 21 Mar 1997, Marc Horowitz wrote:

> If you need krb4 working quickly, then skip the integration step
> which, because of export concerns, has many unresolved issues.  Just
> get a copy of the separate krb4 release (or the krb5 release, if the
> compat features of that are adequate), build it, and install it.
> 
one little comment. I would stay away from krb4 altogether. krb5v1.0 compiles
cleanly on NetBSD. There is also now an exploit for krb4 floating around that 
is HIGHLY effective  in cracking the passwds in a v4 database. We just went
to krb5 completely in a night because of it. I wouls stay away from v4 at
all costs. At this point it is no more secure that /etc/passwd.

rob

------------------------------------------------------------------------------
"Off the keyboard, through the CPU, | deker@digex.net 
out the transceiver, down the rj45  | Systems Engineer
line, across the router, through    | 
the Hub, out the gateway.           |  
        Nothing but net."           | 
-----------------------------------------------------------------------------