[Nicolas Williams <Nicolas.Williams@sun.com>] client-side pre-auth re-architecting
Nicolas Williams
Nicolas.Williams at sun.com
Wed Jan 1 02:30:00 EST 2003
On Tue, Dec 31, 2002 at 05:15:18PM -0800, Nicolas Williams wrote:
> On Tue, Dec 31, 2002 at 04:30:26PM -0500, Ken Hornstein wrote:
> > >I thought we were going to propose preauth type name using constant
> > >from RFC, string data name within the preauth rather than a single
> > >string.
> >
> > I think I'm missing some context here, or I'm confused. Exactly what
> > do you mean? (I'm clueless)
>
> Sam is referring to the generic pre-auth gic option API mentioned
> earlier in this thread.
>
> Sam,
>
> Thank you, you're right and I'd forgotten about that - I hadn't made a
> note of it.
Actually, I now think we shouldn't use the pre-auth numbers from the
protocol in this API. If you'll remember we also talked about
Kerberos extensions, and I proposed making the pre-auth identifiers into
an extensible CHOICE of INTEGER, with an eye to adding OBJECT IDENTIFIER
and RELATIVE-OID options in the future - I'd like that to remain
possible.
Happy New Year's,
Nico
--
More information about the krbdev
mailing list