Heimdal compatibility

Jeffrey Hutzelman jhutz at cmu.edu
Mon Aug 7 12:13:49 EDT 2006

On Sunday, August 06, 2006 01:53:05 PM -0400 Sam Hartman <hartmans at mit.edu> 

> How do we balance these concerns against the equally valid desires to
> minimize divergence and to allow people to reuse code where
> appropriate.  I'm looking for options that MIt can implement
> unilaterally.  I'd be delighted if we had more coordination with
> Heimdal on issues like this, but I cannot depend on that being the
> case.

I don't think there's anything you can do unilaterally that you'll like. 
What you're talking about is basically maintaining a minimum level of 
interoperability without tying your hands with regard to adding new 
features in the future.  I can think of only three ways to get 
interoperability.  The first two are coordination and luck.  The third 
involves implementing everything the thing you want to be interoperable 
with does, and being very sparing with adding new features yourself.  I 
assume MIT does not want to follow that path.

What I'd suggest is coming to an agreement about the minimal common schema 
you need in order for the KDC to provide basic functionality, a way to 
divide up the remaining namespace so you don't step on each others' toes, 
and a perhaps a way to indicate the presence of a critical extension.  Note 
that if you think you need the last for interop, you probably also need it 
to support cross-version compatibility within your own implementation.

Once the initial agreement is in place, everything else can be done 

-- Jeff

More information about the krbdev mailing list