FYI: krb5-realm.com/net/org

• Previous message (by thread): Nordnog-2 Agenda items
• Next message (by thread): NANOG 27 (Feb. 9-11, Phoenix)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is purely an FYI.

A non-fatal bug exists with regards to authentication in the following
operating systems:
  FreeBSD 4.4 (at least)
  Allegedly in OpenBSD 3.0, 3.1 and 3.2 (untested)

And in the following packages when kerberos authentication is compiled
into them on the above operating systems:
  OpenSSH 2.3.0 (at least. not sure about newer versions)
  UW imapd, Pine, and other packages which are linked against the kerberos
  libraries

I'm not blaming any of these packages, so please let no-one get up in arms
about that :-)

The bug revolves around the libraries trying to lookup TXT records in DNS
for krb5-realm.'your_tld'.
I control the name servers for krb5-realm.com/net/org

It has been reported that when this nameserver goes down, authentication
can take a very-long-time. I believe what happens is that authentication
*failures* take a very-long-time.

This is just a notification that the name servers for these domains will
be changing in the next 48 hours. It shouldn't be a problem, but incase
people see odd issues as described above, which I usually get mails and
such about later, this may be the reason.

• Previous message (by thread): Nordnog-2 Agenda items
• Next message (by thread): NANOG 27 (Feb. 9-11, Phoenix)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]