>>>>> "t" == t p <daedulus@xxxxxxxxxxxxx> writes:

    t> Just to make public what I have hinted at privately, I think that steps
    t> in section 4.1 may be somewhat underspecified.

    t> A related issue is that section 4.1 prefers DNS to DHCP for Kerberos
    t> information but the Security Considerations stress the weakness of
    t> DHCP and recommend authenticating DHCP. What if DHCP is secure
    t> and DNS is not? Should DNS still be preferred?

Yes, probably.

DNS has been and will continue to be the dominant way to discover KDCs. I see this as a specialized DHCP option for certain deployments, not something you'll see in the enterprise for desktops or laptops, as an example. I mean, some people may deploy it, but I suspect that you won't see it in most situations where DNS works well today.

So, basically in all cases, including preconfigured DNS servers, I'd expect DNS to be preferred.

Note that choosing the right KDC does impact availability--if you have the wrong KDC it won't work. In general though, choosing the wrong KDC does not compromise authentication. It's a bit more complex than that, but KDC location has not generally been considered security sensitive.
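The precedence the reply argues for (DNS SRV records first, a DHCP-supplied KDC list only when DNS yields nothing) and the availability point (a wrong KDC just fails, so the client walks the ordered list until one answers) can be shown as a small locator. This is an added example, not code from the thread, from the draft under discussion, or from any Kerberos implementation. The SRV record contents, the DHCP-supplied list and the reachability probe are constructed here for illustration; the ordering within the DNS list follows the RFC 2782 priority/weight rules.

```python
"""KDC locator that orders DNS SRV candidates per RFC 2782 and prefers a
DNS-derived list over a DHCP-derived one.  Added example for the thread
above; not code from the draft or from any Kerberos implementation."""
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class SrvRecord:
    priority: int
    weight: int
    port: int
    target: str


def srv_name(realm):
    """Owner name a client queries for UDP KDCs of `realm` (MIT/Heimdal style)."""
    return f"_kerberos._udp.{realm}."


def order_srv(records, rng=None):
    """Return (target, port) pairs in RFC 2782 order: ascending priority,
    then weighted-random selection within one priority level.  A record of
    weight 0 can only be drawn once every positive-weight record at that
    priority has been used, so backups with weight 0 end up last."""
    rng = rng or random.Random()
    ordered = []
    for prio in sorted({r.priority for r in records}):
        pool = [r for r in records if r.priority == prio]
        while pool:
            total = sum(r.weight for r in pool)
            if total == 0:
                pick = pool[0]          # only zero-weight records remain
            else:
                n = rng.randint(0, total - 1)
                acc = 0
                for r in pool:
                    acc += r.weight
                    if n < acc:
                        pick = r
                        break
            ordered.append((pick.target, pick.port))
            pool.remove(pick)
    return ordered


def locate_kdcs(realm, dns_srv, dhcp_kdcs, rng=None):
    """Ordered KDC candidates for `realm`.  Any SRV answer for
    srv_name(realm) wins outright; the DHCP-supplied list (hypothetical
    option contents, assumed here) is consulted only when DNS has nothing."""
    if dns_srv:
        return order_srv(dns_srv, rng)
    return list(dhcp_kdcs)


def first_reachable(kdcs, reachable):
    """A wrong KDC costs availability, not authentication: try candidates in
    order and return the first one the `reachable` probe accepts, or None.
    The probe is injected so the example runs offline."""
    for kdc in kdcs:
        if reachable(kdc):
            return kdc
    return None


# Constructed sample: what a resolver might return for _kerberos._udp.EXAMPLE.COM.
SAMPLE_SRV = [
    SrvRecord(priority=10, weight=0, port=88, target="kdc-backup.example.com."),
    SrvRecord(priority=0, weight=60, port=88, target="kdc1.example.com."),
    SrvRecord(priority=0, weight=40, port=88, target="kdc2.example.com."),
]
# Constructed sample: a KDC list a DHCP option might hand the client.
SAMPLE_DHCP = [("192.0.2.10", 88)]

if __name__ == "__main__":
    rng = random.Random(1)
    kdcs = locate_kdcs("EXAMPLE.COM", SAMPLE_SRV, SAMPLE_DHCP, rng)
    print(srv_name("EXAMPLE.COM"), "->", kdcs)
    # Simulate kdc1 being down: the client moves on to the next candidate.
    print(first_reachable(kdcs, lambda k: not k[0].startswith("kdc1")))
```

With both sources populated the DHCP list is never consulted; remove the SRV records and the client falls back to it. The weighted draw means kdc1 and kdc2 trade first place between runs while the weight-0 backup is always tried last.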