GSS_C_NO_NAME for desired_name in gss_acquire_cred()
Sam Hartman
hartmans at MIT.EDU
Thu Feb 23 21:36:16 EST 2006
>>>>> "Wachdorf," == Wachdorf, Daniel R <drwachd at sandia.gov> writes:
Wachdorf,> Is it generally excepted that using GSS_C_NO_NAME for desired_name in
Wachdorf,> gss_acquire_cred() causes the function to use the name provided in the
Wachdorf,> authentication context?
It's accepted that it causes the mechanism to use some reasonable
name. So for our mechanism I think the only reasonable choice for
initiators is the ticket you have.
OUr behavior for acceptors is incredibly useful--use whatever name is
provided in the ticket--but is perhaps somewhat non-standard. I
believe Solaris is implementing that behavior.
--sam
More information about the krbdev
mailing list