pkinit kinit/krb5.conf naming inconsistencies
Henry B. Hotz
hotz at jpl.nasa.gov
Wed Sep 17 01:54:51 EDT 2008
On Sep 16, 2008, at 1:54 PM, Nicolas Williams wrote:
> On Tue, Sep 16, 2008 at 01:45:46PM -0700, Henry B. Hotz wrote:
>> On Sep 16, 2008, at 9:12 AM, krbdev-request at mit.edu wrote:
>>> I'm assuming that Heimdal's kinit doesn't have this -x thing, that
>>> Heimdal if you want to override the system's krb5.conf you should
>>> the KRB5_CONFIG environment variable.
>> I care a lot more about rationalizing the krb5.conf file than the
>> command line options. For reference:
> Meaning what? That you don't care about the difference in naming in
> kinit -x?
Actually I don't see a -x option in 1.6.x either. From context, I'm
assuming that you follow it with some krb5.conf item you want to
override? If so, that would make my distinction meaningless.
>> kinit --pk-user=<x509 identity> --x509-anchors=<directory> --pk-use-
>> enckey ...
> Is the above how Heimdal does it? I don't mind that, but I do mind
> kinit -x <param-name-that-doesn't-relate-to-krb5.conf>.
> In any case, I suppose that MIT filibusters by silence, thus nothing
> will change and I'm just wasting my time.
Who has commit rights?
I learned to have a lot of respect for Sam. He seemed to have good
reasons for what he was doing (and what he rejected). OTOH I've
always felt that MIT isn't as receptive as a normal open source
project needs to be to keep volunteers interested.
More information about the krbdev