Principal naming
Greg Hudson
ghudson at MIT.EDU
Sun Apr 12 12:19:30 EDT 2009
On Sun, 2009-04-12 at 00:20 -0600, Shawn M Emery wrote:
> Sorry for not being clear, some implementations can have permutations of
> various principal components in upper or lower case.
[...]
> I was also trying to find out if there is
> consensus with the various implementors on how case sensitivity and
> principal name syntax is handled, which looks like there is none.
MIT krb5's gss_import_name and krb5_sname_to_principal will always use
the lowercase form of a hostname in the second component.
As for the first component, if an application is using the wrong case of
the name it's a bug. The appropriate name for the host service is
"host", and I believe the appropriate name for the HTTP service is
"HTTP" (looking at
http://meta.cesnet.cz/cms/opencms/en/docs/software/devel/draft-brezak-spnego-http-04.txt) so any other cases of those names are incorrect.
More information about the krbdev
mailing list