Let the coda-principal, allowing users to acces servers in a specified
CODA.REALM, be coda/<CODA.REALM>.
For kerberos realm, I'd say in KRB.REALM obtained by using the normal
kerberos config mechanisms to find the KRB.REALM which corresponds to
the 'host' CODA.REALM. I don't see that contacting coda servers is
really any different than any other service. There may be a
requirement that all servers have to be in the same realm, or not.
But I think here we are talking about auth2, not kerberos, and there
tend to be fewer of those servers.
--
Greg Troxel <[EMAIL PROTECTED]>
