On Fri, Jun 15, 2012 at 12:19 AM, Russ Allbery <r...@stanford.edu> wrote: > Jan-Piet Mens <jpmens....@gmail.com> writes: >> Related: Is it possible to configure the wallet servername via a DNS >> SRV/TXT record? (Haven't checked the source code -- sorry.) > > Not currently. It's a little tricky to use a SRV record for this since > wallet doesn't have its own port (it just uses remctl), and normally SRV > records are tied to services with unique port assignments. I could just > make up some TXT record convention, but I feel weird about that.
Just like there are _kerberos._udp and _kerberos-master._udp sharing daemons and ports, I see no reason there couldn't be a _wallet._tcp SRV record. > There are also security issues with trusting DNS if you don't have DNSSEC > configured. How are they different from trusting DNS to correctly resolve a statically configured server? -- Mantas Mikulėnas ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
