Principal attributes and policy in LDAP Realm
Ken Raeburn
raeburn at MIT.EDU
Mon Jun 23 10:05:32 EDT 2008
On Jun 23, 2008, at 09:03, Simo Sorce wrote:
> Is there a specific reason why the database layer has not been
> abstracted appropriately ? Any chance we can work to fix these
> problems
> and come up with a better schema ?
Mostly lack of resources/priority/motivation/etc I guess; certainly no
reason why we don't want it done. But it's an issue that's been
getting more discussion lately in some of our internal meetings.
Have you followed the KDC information model and schema discussions
happening related to the IETF Kerberos working group? The discussions
were taking place on a couple of external mailing lists, not the main
working group mailing list:
http://mailman.mit.edu/mailman/listinfo/kdc-info
http://mailman.mit.edu/mailman/listinfo/kdc-schema
They're pretty quiet now, but you can check through the archives.
Ken
More information about the Kerberos
mailing list