review of Projects/replay_cache_collision_avoidance, ending Jan. 12

Nicolas Williams Nicolas.Williams at
Tue Dec 30 17:45:26 EST 2008

On Tue, Dec 30, 2008 at 05:32:08PM -0500, ghudson at wrote:
> I would like to reconsider the presence of the hash algorithm
> identifier in the proposal.  The identifier was added in response to
> this exchange:


As long as there's a way to extend the rcache (and there seems to be)
then the hash algorithm ID is not really needed.  And I think we all
agree that it's very unlikely that we'll want to change whatever hash
algorithm is selected.

Also, for the longer term, I'd rather we have a CCAPI-like rcache type.
This would be particularly useful for clusters.  But the key is that the
rcache needs to be pluggable.  And any file format documentation should
encourage third parties who are considering re-implementing it to
consider a plug-in interface, or to re-use the plug-in interfaces from
MIT.  I'd really like to avoid the current situation where multiple
distinct implementations (with disjoint origins) implement the same
ccache/rcache/keytab file formats, with the ensuing constraints on
changing those formats.


More information about the krbdev mailing list