Pasword quality pluggable interface project review

Sam Hartman hartmans at MIT.EDU
Mon Aug 30 18:22:11 EDT 2010

>>>>> "Greg" == Greg Hudson <ghudson at MIT.EDU> writes:

    >> I agree the existing error codes are pretty narrowly scoped.  I'm not
    >> sure how I'd add more to be useful, given the error codes should be
    >> remotely visible.

    Greg> It's apparent to me now that there's a lot of room for improving our
    Greg> support for password quality errors over the password change protocol.
    Greg> For schedule reasons, I'm going to defer that to future work--in
    Greg> particular, to the part of the future after we have localization.

I can understand deferring revising our set-change password support.
However, as Russ pointed out, the existing change protocol has a way for
a text error to come back--Heimdal does that.  I think we need to at
least support this in the plugin interface even if you don't write the
glue now to make it work.

More information about the krbdev mailing list