---- Original message ----
>Date: Sat, 15 Jul 2006 23:18:53 -0300
>From: "Gustavo Rios" <rios.gustavo@gmail.com>
>Subject: Kerberos
>To: misc@openbsd.org
>
>Well, here i am again.
>
>I was expecting that the granted ticket always hold the address to
>which it is valid. After obtaining a ticket by means of kinit, i got
>the following:
>
>$ kinit
>grios@SSO.NET's Password:
>$ klist -v
>Credentials cache: FILE:/tmp/krb5cc_1000
> Principal: grios@SSO.NET
> Cache version: 4
>
>Server: krbtgt/SSO.NET@SSO.NET
>Ticket etype: des3-cbc-sha1, kvno 1
>Auth time: Jul 15 23:11:42 2006
>End time: Jul 16 03:11:42 2006
>Renew till: Aug 14 23:11:42 2006
>Ticket flags: renewable, initial
>Addresses:
>

just checked this on a local machine and the addresses field is filled out
correctly. the IP also follows the ticket when using a forwardable one (kinit
-f). look at the default krb5.conf that comes with openbsd and add options until
you find which one breaks this.

you may have to fish online for some of the option descriptions since stuff like
correct_des3_mic aren't in the manpage for krb5.conf. is there any plan to
update the manpage with these missing options?

>The address information line is empty. I don't understand why!
>
>Here you have my krb5.conf:
>
<insert giant config file>