Review of AEAD Encryption API Project; concluding December 5, 2008
Love Hörnquist Åstrand
lha at kth.se
Mon Dec 1 12:28:15 EST 2008
Sam, Luke, thanks for waiting the whole long weekend for comments.
I don't like making flags and type whole 32bit fields but can live
with it.
I don't like having a flag for sign only, even though that more like
how SSPI like does it, its a type and not a flag.
I don't like that flags are not specified for what types they are
valid for.
I don't like that there are no examples.
The second api, that I assume is called gss_*_aead, is not at all
specified. Even though its mentioned. Or is the simpler interface
STREAM ?
gss_wrap_iov_length() is under specified.
Re DCE, How does the caller now that know that the data is correctly
padded and how do they get the padding size of before performing any
operation given a gss_ctx_id_t ?
I'll sure there should be more questions showing up when this is tried
out more. But lets start with these.
Love
25 nov 2008 kl. 22:00 skrev Sam Hartman:
> Love, take a look at the Projects/GSSAPI
> DCE
> page
> .
>
> I believe it now includes enough of the GSS side API for comments.
More information about the krbdev
mailing list