Hi Chuck, I noticed an interesting behaviour by the linux server. If I were to mount the linux server with vers=4.0,sec=sys,xprtsec=tls, acquire a delegation, and trigger a CB_RECALL, then it is done with gss integrity. Why is that? I thought callback is supposed to be done with the same security flavor as the forechannel. But then also callback isn't done over TLS. Should the callback be done over TLS (and it's a future implementation to do for client/server)? Or is this a spec restriction/limitation? Thank you.
