Review of Projects/GSSAPI DCE concluding December 14, 2008

Jeffrey Hutzelman jhutz at
Mon Dec 1 16:12:53 EST 2008

--On Monday, December 01, 2008 10:09:13 AM -0500 Sam Hartman 
<hartmans at> wrote:

> I'm calling for a two week review of
>    The GSS-API DCE project proposes to add functionality found in SSPI to
> MIT Kerberos;       this functionality includes support for AEAD and
> support sufficient to implement DCE RPC          on top of MIT Kerberos.
> This project depends on and is a companion to Projects/AEAD
> encryption API.
> Ken Raeburn has already indicated that he'd like to see a different name
> than gss_wrap_aead for that API.

I have to ask why you're proposing adding proprietary extensions to the 
GSS-API involving structures and functions with gss_* names.  It seems like 
this is a suitable subject for standardization, and while you may not be 
interested in going down that route, using gss_* names without doing so 
seems like an exceptionally poor choice.

-- Jeff

More information about the krbdev mailing list