Using KfM's credentials cache with Krb5 1.3 on OS X 10.2.6

[Sam Hartman]

One quick thought.  Distributing a new shared library is probably a
bad idea unless you are willing to commit to the ABI and name of that
library and arrange to make sure it is available in the right places.

Distributing a static library is also problematic.  I don't know to
what extent we guarantee that the client sides of the RPCs to the
cache server will be stable between versions of KFM.  I believe we do
make this guarantee for KFW, but suspect we are actually fairly
willing to change these interfaces without notice on the KFM side.


I think long-term we'd like to be able to build krb5 to use CCAPI
everywhere, but we would not be interested in supporting patches to do
so right now.  There may need to be some other things that change
first.

Also, since you specifically mentioned new encryption types, please
note that there is a significant problem with krb5 1.3 and we plan to
be releasing a beta of 1.3.1 shortly.