RX Kerberos 5 security class requirements of Kerberos library
jaltman at secure-endpoints.com
Wed Jan 3 14:04:26 EST 2007
Sam Hartman wrote:
> I don't seem to have Jeff's original message with the prototype although I do have a reply to that message.
> Jeff's API really has a lot of arguments. I think that we've learned
> from KLL and CCAPI that by the time you have that many arguments you
> want to be using a structure similar to get_init_creds with an options
> It also seems like you only support passing in one authorization data
> item and one address. That seems wrong.
Here is a prototype for a convenience function that will wrap gic
krb5_creds** out_creds /* out */ )
The flags field may never be used.
The start and end times were replaced with ticket lifetime since
that is what gic accepts.
More information about the krbdev