replacing MIT's ASN.1 code
Sam Hartman
hartmans at MIT.EDU
Tue Oct 16 09:39:20 EDT 2007
>>>>> "JC" == JC Ferguson <jc at f5.com> writes:
JC> Supporting two API's for ASN.1 encoding is an interesting
JC> idea. I haven't looked closely at how the current ASN.1 is
JC> abstracted to the callers. To do this, you'd have to insert a
JC> 'shim' between the callers of the ASN.1 stuff and the actual
JC> ASN.1 implementation. Then, as you suggest, ./configure
JC> --use-new-asn1 or some such and you get the new
JC> implementation.
I think that supporting two APIs at the same time would be a lot of
work.
I'd like to throw out the approach of a gradual transition. First,
start using a2c for pkinit and for LDAP and other new structures.
Over time as we have confidence, gradually switch structures over.
The disadvantage is code size. The advantage is hopefully maintaining
stability.
--Sam
More information about the krbdev
mailing list