password change protocol implementation

Sam Hartman hartmans at MIT.EDU
Fri Feb 13 17:02:23 EST 2004

>>>>> "Ken" == Ken Hornstein <kenh at> writes:

    >> You want the real address in the auth_context at least on the
    >> server side.

    Ken> How come?  I mean, I'm trying to understand this, but I guess
    Ken> I'm just missing something.

I want the API to become easier to use over time, not harder.  As
such, I want the default behavior when we support directional
addresses to be that the receiver of a message will accept either
directional or non-directional addresses and the sender can easily
select address type.

I believe that your proposed implementation increases the complexity
of using the API and makes it likely that applications will
accidentally only support directional addresses and have other failure


More information about the krbdev mailing list