Kerberos: The Definitive Guide now available

Wyllys Ingersoll wyllys.ingersoll at
Thu Aug 21 14:47:55 EDT 2003

Dick Joltes wrote:
> Wyllys said:
>> Im not sure how much of the Kerberos API is considered "stable" (i.e.
>> not subject to change from revision to revision).  Writing a book
>> about the API as it stands today in 1.3 might be out-of-date in a
>> year or whenever 1.4 comes out.
>> The API is not-standard, it is not specified by any RFC, thus its harder
>> to document it definitively.
> True enough, but at least one site I've seen discriminates between the
> (unstable) internal functions and the (hopefully more stable) exposed
> API.  The exposed stuff must be more stable since there are people out
> there writing applications against it and using others that have been
> around for a while.  I wouldn't attempt to document internals except
> to say "use this at your own risk."
>> Microsoft documented much of what you are asking about recently.
>> I don't have a link handy, but you can search for it on MSDN website
>> or maybe someone reading this list will post it.
> Maybe this is the URL you're thinking of:

Thats part of it, but they also published a much more detailed
document, complete with code samples and everything needed to
implement it.

> Take a look at

Yup, seen it.  Its nice, but it does not use SPNEGO.


More information about the Kerberos mailing list