With SCCM 2012 one of the wonderful feature that you get is the SCCM Cross Forest Implementation Made A lot Easy !!
For the best case scenario your cross forests should have Kerberos Authentication Between them . Even if there is no kerberos Authentication A two way external trust , One way External trust , non trusted forests
could be brought under one SCCM Site .
The only exception to this could be forests where strong DMZ restrictions/ Security restrictions could be present .