[krbdev.mit.edu #1305] Spec considered
Sam Hartman via RT
rt-comment at krbdev.mit.edu
Wed Feb 5 16:31:18 EST 2003
Marc Horowitz pointed out that we need to be careful to preserve
behavior mandated by the spec. I've looked at the spec and I believe
that we can solve this provided that gss_inquire_cred still does
something useful with the default credentials.
I believe for example it would be reasonable to refresh the default
credentials during each init_sec_context and accept_sec_context call.
Provided that the system credentials have not changed, then things
will continue to work.
There are some multi-mechanism issues to consider eventually.
More information about the krb5-bugs
mailing list