From 93940592613958f15e96884b302a03a3b83afc28 Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Wed, 14 Nov 2007 14:25:55 +0000
Subject: [PATCH] Add note about deprecating krb5 authentication in favour of
 GSSAPI, per discussions (a long time ago). Documentation only, we keep full
 support in the code.

---
 doc/src/sgml/client-auth.sgml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index fd1b25ac78..4e874b7272 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.103 2007/11/09 23:52:08 momjian Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.104 2007/11/14 14:25:55 mha Exp $ -->
 
 <chapter id="client-authentication">
  <title>Client Authentication</title>
@@ -722,6 +722,15 @@ local   db1,db2,@demodbs  all                         md5
     <primary>Kerberos</primary>
    </indexterm>
 
+   <note>
+    <para>
+     Native Kerberos authentication has been deprecated and should be used
+     only for backward compatibility. New and upgraded installations are
+     encouraged to use the industry-standard <productname>GSSAPI</productname>
+     authentication (see <xref linkend="gssapi-auth">) instead.
+    </para>
+   </note>
+
    <para>
     <productname>Kerberos</productname> is an industry-standard secure
     authentication system suitable for distributed computing over a public
-- 
2.49.0