Support for Microsoft Set Password protocol

Sam Hartman hartmans at MIT.EDU
Tue Apr 1 16:38:43 EST 2003

Paul Nelson has contributed code to implement the client side of the
Microsoft set password protocol.  We're going to accept this code for
1.3; I have audited the code and am working on making a few changes
and integrating it now.

I do need to resolve one API question.  Paul proposes introducing a
krb5_set_password API that works much like the old
krb5_change_password API.

How will this interact with eventual support for Nico's set-change
password draft (it doesn't seem to exist in the ID repository yet).

Do we plan to try the IETF standard and if that fails fall back to the
Microsoft spec, or do we plan to require application authors to
specify what version they want?  Do we have a requirement to offer
applications an option to force use of the Microsoft protocol?

If we plan to use the IETF spec and fallback, then I think Paul's API
proposal is fine.

Comments welcome,

More information about the krbdev mailing list