MIT Incremental Propagation

John Hascall john at iastate.edu
Fri Sep 21 16:29:16 EDT 2007


> > I haven't studied it all that extensively,
> > so correct me if I am wrong, but with the
> > new "DAL" stuff there is now an opportunity
> > to do a 'proper' job of multi-master KDCs
> > (dare I say it) in a "ubik-like" or "AD-like"
> > manner.

> There are plenty of LDAP servers suitable for backending the KDC that
> support incremental and/or multi-master replication.

That, I suppose, depends on your definition of "suitable".
It certainly isn't suitable to me.  The size of the KDC
codebase is big enough to worry about, throwing something
like an entire LDAP server into the mix is a whole 'nother
kettle of fish.

John



More information about the Kerberos mailing list