password change protocol implementation
Sam Hartman
hartmans at MIT.EDU
Fri Feb 13 17:02:23 EST 2004
>>>>> "Ken" == Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:
>> You want the real address in the auth_context at least on the
>> server side.
Ken> How come? I mean, I'm trying to understand this, but I guess
Ken> I'm just missing something.
I want the API to become easier to use over time, not harder. As
such, I want the default behavior when we support directional
addresses to be that the receiver of a message will accept either
directional or non-directional addresses and the sender can easily
select address type.
I believe that your proposed implementation increases the complexity
of using the API and makes it likely that applications will
accidentally only support directional addresses and have other failure
modes.
--Sam
More information about the krbdev
mailing list