kwc at citi.umich.edu
Thu Dec 7 13:17:01 EST 2006
On 12/7/06, Sam Hartman <hartmans at mit.edu> wrote:
> Wait, why does krb5_get_init_creds_opt_set_pa take things like a
> password and principal and etc. I don't understand why it takes more
> than a patype, attribute and value?
Because they were needed to emulate
krb5_get_init_creds_opt_set_pkinit() which looks like:
const char *user_id,
const char *x509_anchors,
char * const * pool,
char * const * pki_revoke,
I assumed that the plugin may have to prompt for the PIN. I think
Heimdal allows getting a password from a file.
More information about the krbdev