RFC 2712 is broken, since it doesn't provide mutual authentication,
and as far as I know, the Kerberos community doesn't recommend it.
Are you sure you want to use RFC 2712?
There are discussions in the IETF to support GSS-API in TLS, which is
the proper way to solve this, but there isn't any consensus in the
TLS WG. Possibly one of the draft will be implemented by Microsoft,
and GnuTLS could implement it, but someone needs to do the job (or
pay someone to do it).
/Simon
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
