kerberos-configs (1.8) unstable; urgency=low

  For Heimdal users only: The default krb5.conf now tells Heimdal to
  create ticket caches that are compatible with MIT Kerberos.  However,
  your existing krb5.conf will not be changed to avoid invalidating
  existing caches during an upgrade and to avoid overwriting local
  configuration.

  If you have an existing krb5.conf file and want the new behavior (which
  will be the default in Heimdal 0.7 and later), add:

      fcc-mit-ticketflags = true

  to the [libdefaults] section of krb5.conf.

 -- Russ Allbery <rra@stanford.edu>  Mon, 07 Nov 2005 16:53:55 -0800

kerberos-configs (1.6) unstable; urgency=low

  As of MIT Kerberos 1.3, the default in the code for encryption types is
  correct, and these values do not need to be specified in the
  configuration file.  Doing so will break things when new encryption
  types are added, as was done in the 1.3 release.  Thus on the upgrade to
  krb5-config 1.6, the encryption types in /etc/krb5.conf are commented
  out if they have not been modified by the user.

 -- Sam Hartman <hartmans@debian.org>  Sun,  5 Oct 2003 16:15:24 -0400