[OpenAFS-devel] aklog on MacOS X was Re: Service Ticket Questions
Henry B. Hotz
hotz at jpl.nasa.gov
Tue Mar 28 15:17:59 EST 2006
On Mar 27, 2006, at 10:25 PM, Harald Barth wrote:
>> Except, as I mentioned in my previous message, that you screw
>> people who
>> are trying to do things which depend on them being separate. Like
>> using
>> different identities for different cells at the same time. Or
>> running an
>> application which uses Kerberos in such a way that file accesses
>> it does
>> don't automatically trigger using your credentials to access AFS.
>
> *Waves hand*
>
> Example (with the heimdal utils):
;-)
You know the only thing that would *really* satisfy me is if Kerberos
and AFS used the same ticket/token storage mechanism, and that
mechanism had all the properties of PAG's (and there were proper
tools for dealing with the storage). None of the three camps have
made fundamentally wrong design decisions, but I hate the results.
I'll shut up now. I think we've beat this horse to death.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the krbdev
mailing list