Review of Projects/GSSAPI DCE concluding December 14, 2008
Jeffrey Hutzelman
jhutz at cmu.edu
Mon Dec 1 16:12:53 EST 2008
--On Monday, December 01, 2008 10:09:13 AM -0500 Sam Hartman
<hartmans at mit.edu> wrote:
> I'm calling for a two week review of
> http://k5wiki.kerberos.org/wiki/Projects/GSSAPI_DCE
>
> The GSS-API DCE project proposes to add functionality found in SSPI to
> MIT Kerberos; this functionality includes support for AEAD and
> support sufficient to implement DCE RPC on top of MIT Kerberos.
> This project depends on and is a companion to Projects/AEAD
> encryption API.
>
>
>
> Ken Raeburn has already indicated that he'd like to see a different name
> than gss_wrap_aead for that API.
I have to ask why you're proposing adding proprietary extensions to the
GSS-API involving structures and functions with gss_* names. It seems like
this is a suitable subject for standardization, and while you may not be
interested in going down that route, using gss_* names without doing so
seems like an exceptionally poor choice.
-- Jeff
More information about the krbdev
mailing list