> > Last chance for any Kerberos 4 users to speak up --- otherwise I'll
> > apply this soon.
>
> If you just want someone to test it I can do that. I don't
> actually use it normally though.
I don't think "just testing" is enough - somebody needs to actually
maintain it...
> As far as security issues the only issues I'm aware of is a)
> it uses plain DES which is just a 56 bit key and crackable by
> brute force and b) cross-domain authentication is broken.
Yeah. But it has been declared dead by the Kerberos folks
(http://www.faqs.org/faqs/kerberos-faq/general/section-7.html. And this
document is from 2000, an dit was declared already then)...
//Magnus
