* Magnus Hagander (mha@sollentuna.net) wrote:
> The way our Kerberos implementation is done, it does *not* validate the
> server, just the client. If you want server verification, you must use a
> combination of both Kerberos and SSL.
Eh? We use mutual authentication in Kerberos...
Stephen