living in a multi-mech world
Nicolas Williams
Nicolas.Williams at sun.com
Tue May 1 12:54:47 EDT 2007
On Tue, May 01, 2007 at 12:11:16PM -0400, Sam Hartman wrote:
> >>>>> "Tom" == Tom Yu <tlyu at MIT.EDU> writes:
> Tom> I think it's reasonable for someone to want to have a SPNEGO
> Tom> mechanism support only the krb5 mech, for example, so the
> Tom> SPNEGO mech could load the krb5 mech and dlsym() the GSS-API
> Tom> entry points.
>
> I think this is overly complex.
And since SPNEGO would still have to pass the right OID / other
mechanism context to the krb5 mech there'd be zero benefit to
dlopen()ing the mechanism directly instead of using a mechglue
(provided, of course, that there is a mechglue).
> You can specify a specific oid into the mechglue.
You have to.
More information about the krbdev
mailing list