Subject: Re: ut oh..
To: Bill Sommerfeld <email@example.com>
From: Michael Graff <firstname.lastname@example.org>
Date: 03/22/1996 09:57:31
>This is a *bad* idea.
>This introduces a vulnerability to name-server based spoofing.
How is this less secure than the usual problems with DNS?
>I would strongly suggest that you print the server principal name you
>actually end up using if the client pulls this stunt..
It does print the host name. You would suggest printing, for example,
rcmd.isua2@IASTATE.EDU for the user?
explorer@packrat:~> telnet -ax isua
Connected to isua2.iastate.edu.
Escape character is '^]'.
[ Trying KERBEROS4 ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]
Michael Graff <email@example.com> NetBSD is the way to go!
PGP key on a key-server near you! Netshade the world!
Censorship is as pointless as a football bat.