Proposal to export gssapi context
Sam Hartman
hartmans at MIT.EDU
Wed Mar 24 15:41:34 EST 2004
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
Nicolas> On Wed, Mar 24, 2004 at 03:27:45PM -0500, Sam Hartman wrote:
>> >>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
>>
Nicolas> On Wed, Mar 24, 2004 at 02:49:38PM -0500, Sam Hartman wrote:
Sam> I don't think having a macro for the current version in a public
Sam> header is a good idea. People might use it and failing to think of a
Sam> way of using it that would be correct.
>>
Sam> The version number should be in the structure name.
>>
Nicolas> IIRC I convinced Sam on the phone that it is entirely possible to have
Nicolas> an interoperable standard for exported context tokens for the Kerberos V
Nicolas> mechanism.
>>
>> But you didn't convince me we were doing that nor that we should be
>> doing that for this application.
>>
>>
>> The NFS implementation would rather deal with a C struct than
>> something they have to parse. That's clearly outside the scope of the
>> IETF.
Nicolas> For an Internet-Draft I'd insist on ASN.1.
Agreed, ASN.1 for the ID.
Nicolas> For this purpose I think XDR
Nicolas> is quite appropriate (newsflash: the NFS implementation already uses XDR
Nicolas> in the kernel :) so using XDR here does not add any significant burden
Nicolas> on the kernel).
But does one non-standard approach have a significant cost over
another? I.E. what do we gain by adding a parsing step here if we
aren't going to standardize it?
More information about the krbdev
mailing list