[krbdev.mit.edu #2676] feature proposal - programmatic retrieval of password expiry

Sam Hartman hartmans at MIT.EDU
Sat Aug 21 03:40:30 EDT 2004


>>>>> """ == " Paul Moore " via RT <rt-comment at krbdev.mit.edu> writes:

    "> Is this a useful feature. Would you like the diffs?


It sounds like a useful feature, but unfortunately not a useful API.
The problem is that things tend to get too cluttered if we keep adding
APIs like this to add one new argument.  krb5_mk_req_* is an example
of this gone badly.

The strategy we'd like to adopt is to add an extension mechanism to an
API whenever we find that the API is inadequate.  We've had some
internal discussions of how to do this for the gic API, but none have
been particularly satisfactory.



More information about the krb5-bugs mailing list