pkinit kinit/krb5.conf naming inconsistencies

Henry B. Hotz hotz at
Wed Sep 17 01:54:51 EDT 2008

On Sep 16, 2008, at 1:54 PM, Nicolas Williams wrote:

> On Tue, Sep 16, 2008 at 01:45:46PM -0700, Henry B. Hotz wrote:
>> On Sep 16, 2008, at 9:12 AM, krbdev-request at wrote:
>>> I'm assuming that Heimdal's kinit doesn't have this -x thing, that  
>>> in
>>> Heimdal if you want to override the system's krb5.conf you should  
>>> use
>>> the KRB5_CONFIG environment variable.
>> I care a lot more about rationalizing the krb5.conf file than the
>> command line options.  For reference:
> Meaning what?  That you don't care about the difference in naming in
> kinit -x?

Actually I don't see a -x option in 1.6.x either.  From context, I'm  
assuming that you follow it with some krb5.conf item you want to  
override?  If so, that would make my distinction meaningless.

>> kinit --pk-user=<x509 identity> --x509-anchors=<directory> --pk-use-
>> enckey ...
> Is the above how Heimdal does it?  I don't mind that, but I do mind
> kinit -x <param-name-that-doesn't-relate-to-krb5.conf>.
> In any case, I suppose that MIT filibusters by silence, thus nothing
> will change and I'm just wasting my time.

Who has commit rights?

I learned to have a lot of respect for Sam.  He seemed to have good  
reasons for what he was doing (and what he rejected).  OTOH I've  
always felt that MIT isn't as receptive as a normal open source  
project needs to be to keep volunteers interested.

> Nico
> --

More information about the krbdev mailing list