[Bug 571572] Re: krb5 prefers the reverse pointer no matter what for locating service tickets.
Russ Allbery
rra at debian.org
Thu Apr 29 19:25:21 BST 2010
Sam Hartman <hartmans at debian.org> writes:
> Well, everything should work fine if you make your DNS consistent.
> Honestly if I was going to make a behavior change here I'd have Firefox
> call gss_import_name with a name type that does not involve resolution.
The main place where you cannot make DNS consistent is if you have a web
service that uses DNS-based load-balancing. That's where we ran into that
issue. The public name is a CNAME that points to the least-loaded host
(which is dynamically discovered by the DNS server).
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
--
krb5 prefers the reverse pointer no matter what for locating service tickets.
https://bugs.launchpad.net/bugs/571572
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list