Volker Lendecke wrote:
On Tue, Jan 30, 2007 at 12:13:01AM -0800, Howard Chu wrote:
When invoked from Cyrus SASL it will only offer confidentiality if the sasl-secprops are set with minssf > 1. Since you're talking about your own private SASL implementations obviously we can't tell.
Hmmm. I have to look at Cyrus SASL, but I don't see a way how it would be able to not negotiate it. I'm talking about line 514ff in src/lib/gssapi/krb5/init_sec_context.c of MIT krb 1.5.1:
Sounds like a question for an MIT Kerberos list. I haven't looked at the MIT code in a while and don't plan to any time soon. Anyway, it's not an appropriate use of this list to explore those details here.