FIPS certification
Theodore Tso
tytso at MIT.EDU
Sat Feb 28 16:03:25 EST 2009
On Sat, Feb 28, 2009 at 01:07:50PM -0500, Ken Raeburn wrote:
> We'd also still need to handle the krb5_keyblock structure embedded in
> krb5_creds; in that instance it wouldn't be extensible.
>
> It'd be so nice to be able to do a new API for a v2.0 someday. :-)
But then I wouldn't be able to use Krb5 as the poster child for badly
designed legacy API's that make ABI compatibility really hard any
more. <grin>
(My excuse, since a large amount of it was my fault, was that I was
young and folish.... :-)
Seriously, that might not be a bad idea, one of these days....
- Ted
More information about the Kerberos
mailing list