Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us> writes:

> This change introduces a potential security vulnerability (due to
> DNS spoofing) and should be backed out until we include a secure
> resolver.

I don't know what this change is about, but my guess is that it's
`just' another DOS attack you're talking about. With cross-realm stuff
in k5 it could get worse, but you can argue that you're screwed anyway
if that happens.

/Johan