Re: [SRM] krb5 changelog missing CVE
Philipp Kern <firstname.lastname@example.org> writes:
> On Wed, Jan 04, 2012 at 06:37:36PM +0100, Moritz Mühlenhoff wrote:
>> For all practical purposes the KDC is local to your trust context.
> For all practical purposes you also have it open so that your
> roadwarriors can get tickets.
Indeed, it's possible that your KDC is the most public service that you
run, since contacting it may be required to get access to your VPN,
depending on the VPN authentication mechanism.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>