On Mon, Aug 06, 2018 at 10:36:34AM -0400, Stephen Frost wrote: > * Heikki Linnakangas (hlinn...@iki.fi) wrote: > > Sorry if this sounds facetious, but: > > > > What is the point of this patch? What's the advantage of GSSAPI encryption > > over SSL? I was hoping to find the answer by reading the documentation > > changes, but all I can see is "how" to set it up, and nothing about "why". > > If you've already got an existing Kerberos environment, then it's a lot > nicer to leverage that rather than having to also implement a full PKI > to support and use SSL-based encryption. > > There's also something to be said for having alternatives to OpenSSL.
Those two reasons would be my motivation if I were implementing this, and they are some of the reasons I did a code review. Nico --
