How to extend kadmin
Nicolas Williams
Nicolas.Williams at sun.com
Mon Oct 26 17:35:09 EDT 2009
On Mon, Oct 26, 2009 at 10:31:11PM +0100, Luke Howard wrote:
> >This doesn't achieve much. You could not, for example, change the
> >arguments/results of any RPCs this way.
>
> We can because the api_version is included in the relevant data
> structures. I prefer to avoid proliferation of RPCs for simply varying
> the data structures: look how horrible [MS-SAMR] looks because of this.
With BER/DER/CER you can always reasonably turn a field of a SEQUENCE
into a CHOICE and negotiate use of alternative CHOICEs.
With PER-like encodings you have to think ahead and add extensibility in
the right places, else you must add new procedures/operations/whatever
you want to call them, or you must have truly fancy syntax that allows
you to indicate alternatives which the encoders/decoders must receive
indications of parametrically. As it is, if you try turning some field
into a CHOICE then you can no longer use machine-generated code.
XDR is a PER-like encoding. And XDR is not that fancy a syntax.
But see my response to Jeff. I would, in fact, rather move to an
LDAP-based solution.
Nico
--
More information about the krbdev
mailing list