Comment 8 for bug 571572
Revision history for this message
| Russ Allbery (rra-debian) wrote Re: [Bug 571572] Re: krb5 prefers the reverse pointer no matter what for locating service tickets. | #8 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Sam Hartman <email address hidden> writes:
> Well, everything should work fine if you make your DNS consistent.
> Honestly if I was going to make a behavior change here I'd have Firefox
> call gss_import_name with a name type that does not involve resolution.
The main place where you cannot make DNS consistent is if you have a web
service that uses DNS-based load-balancing. That's where we ran into that
issue. The public name is a CNAME that points to the least-loaded host
(which is dynamically discovered by the DNS server).
--
Russ Allbery (<email address hidden>) <http://