[OpenAFS-devel] aklog on MacOS X was Re: Service Ticket Questions

Henry B. Hotz hotz at jpl.nasa.gov
Tue Mar 28 15:17:59 EST 2006

On Mar 27, 2006, at 10:25 PM, Harald Barth wrote:

>> Except, as I mentioned in my previous message, that you screw  
>> people who
>> are trying to do things which depend on them being separate.  Like  
>> using
>> different identities for different cells at the same time.  Or  
>> running an
>> application which uses Kerberos in such a way that file accesses  
>> it does
>> don't automatically trigger using your credentials to access AFS.
> *Waves hand*
> Example (with the heimdal utils):


You know the only thing that would *really* satisfy me is if Kerberos  
and AFS used the same ticket/token storage mechanism, and that  
mechanism had all the properties of PAG's (and there were proper  
tools for dealing with the storage).  None of the three camps have  
made fundamentally wrong design decisions, but I hate the results.

I'll shut up now.  I think we've beat this horse to death.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu

More information about the krbdev mailing list