MEMORY keytabs - how should they be destroyed?

Jeffrey Hutzelman jhutz at
Thu Jan 25 05:49:21 EST 2007

On Wed, 24 Jan 2007, Sam Hartman wrote:

> I don't have a problem with krb5_kt_destroy() if we conclude that
> memory keytabs want to work like memory ccaches and be referenced
> through krb5_kt_resolve.

I think this is the right approach.  Memory keytabs should work just like
any other keytab.  They should be resolvable via krb5_kt_resolve, and
should not mysteriously disappear when not in use.  I have written code
which uses memory keytab support in heimdal, and find the destroy-on-close
semantic annoying at best.

> It's not very clear to me.  That seems like an excellent way for a key
> to end up being used in an unintended scope.  My recommended
> implementation would be for memory keytabs to be created giving you a
> keytab handle that you must pass to anyone who can access the key
> material.

A function which does this might be interesting, but it would be a
backend-specific interface, and I believe that being able to exclusively
use the backend-independent API is important.

-- Jeff

More information about the krbdev mailing list