>I think that's false. I believe that krb5_rd_req will end up setting >up a rcache later.
I think Cesar is right, actually. krb5_rd_req will only set up a replay cache if you pass in the "server" argument, which is set from creds->princ, which is NULL if you call the gss function with GSS_C_NO_CREDENTIAL. I believe this is why raw Kerberos apps (like telnetd) explicitly set up a replay cache; those apps generally will accept any principal on a host. --Ken ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
