replacing MIT's ASN.1 code
Ken Raeburn
raeburn at MIT.EDU
Mon Oct 15 18:41:03 EDT 2007
On Oct 15, 2007, at 18:24, Nicolas Williams wrote:
>>> -----Original Message-----
>>> From: krbdev-bounces at mit.edu [mailto:krbdev-bounces at mit.edu]
>>> On Behalf Of Ken Raeburn
>>> Sent: Monday, October 15, 2007 17:11
>>> To: Kerberos developers list
>>> Subject: replacing MIT's ASN.1 code
>
> I never got this e-mail.
Weird. Spam filter? http://mailman.mit.edu/pipermail/krbdev/2007-
October/thread.html#6263 has all the traffic so far. (Though my
reply to JC shows up as a separate thread for some reason.)
>>> So it's not a trivial task, but I think for long-term
>
> No, but it's doable; I see no showstoppers. I think it will be a
> question of priorities. Ideally one could build MIT krb5 with the old
> ASN.1 code or with a2c (except for future additions, which should use
> a2c exclusively) -- that would make interop and quality testing
> easier.
I'm wary of shipping additions that only work with one of the ASN.1
packages, while we ship both. If we've gotten confident enough in
the new code, we should ship only that. If we're not that confident,
should we be making people who want the new features depend on it?
I suppose it would be a way to incrementally convert from one to the
other; I hadn't thought about it that way -- if we're confident in
it, but haven't put in the work to switch everything over just yet.
(But then how did we get to that confidence level?) And if we decide
we *don't* have a high confidence level in some part of it for some
reason, and thus can't switch for certain messages, we're stuck using
two ASN.1 packages. (Forking and customizing A2C on our own would be
an option, though an unpleasant one.)
Ken
More information about the krbdev
mailing list