Projects/replay_cache_collision_avoidance and replay cache uses
Jeffrey Hutzelman
jhutz at cmu.edu
Tue Jan 13 13:18:42 EST 2009
--On Tuesday, January 13, 2009 11:17:07 AM -0600 Nicolas Williams
<Nicolas.Williams at sun.com> wrote:
> Back to hash agility for a moment. As discussed, it's really hard to do
> hash agility per-entry, and I won't propose that we do.
>
> But it'd be nice if there was an rcache header entry naming the hash
> function to use for that rcache.
>
> New rcache implementations that support the hash named in the rcache
> header entry should use it, otherwise they should act as old rcache
> implementations.
>
> Finally, allow for the hash function for new rcaches to be specified in
> krb5.conf.
>
> This gets us hash agility at little cost. And not all of it need be
> implemented now -- it suffices to have the header entry, with the rest
> to be added later.
>
> But NOT having such a header entry (naming a hash funciton, or rcache
> version, or something) WILL complicate hash agility later.
Is there currently any kind of header? I guess I sort of assumed there was
an extensible header there.
More information about the krbdev
mailing list