diff --git a/appl/telnet/telnet/main.c b/appl/telnet/telnet/main.c
index 58730aae3..08f304623 100644
--- a/appl/telnet/telnet/main.c
+++ b/appl/telnet/telnet/main.c
@@ -112,7 +112,6 @@ set_forward_options(void)
 }
 
 #ifdef KRB5
-/* XXX ugly hack to setup dns-proxy stuff */
 #define Authenticator asn1_Authenticator
 #include <krb5.h>
 static void
@@ -120,24 +119,29 @@ krb5_init(void)
 {
     krb5_context context;
     krb5_error_code ret;
+    krb5_boolean ret_val;
 
     ret = krb5_init_context(&context);
     if (ret)
 	return;
 
-#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
-    if (krb5_config_get_bool (context, NULL,
-         "libdefaults", "forward", NULL)) {
+#if defined(AUTHENTICATION) && defined(FORWARD)
+    krb5_appdefault_boolean(context, NULL,
+			    NULL, "forward",
+			    0, &ret_val);
+    if (ret_val)
 	    kerberos5_set_forward(1);
-    }
-    if (krb5_config_get_bool (context, NULL,
-         "libdefaults", "forwardable", NULL)) {
+    krb5_appdefault_boolean(context, NULL,
+			    NULL, "forwardable",
+			    0, &ret_val);
+    if (ret_val)
 	    kerberos5_set_forwardable(1);
-    }
 #endif
 #ifdef  ENCRYPTION
-    if (krb5_config_get_bool (context, NULL,
-        "libdefaults", "encrypt", NULL)) {
+    krb5_appdefault_boolean(context, NULL, 
+			    NULL, "encrypt",
+			    0, &ret_val);
+    if (ret_val) {
           encrypt_auto(1);
           decrypt_auto(1); 
 	  wantencryption = 1;