a suggestion for improving pkinit preauth plugin token choosing

Sam Hartman hartmans at MIT.EDU
Wed May 12 08:56:39 EDT 2010

I actually agree with henry that "please insert a token," should be out
of scope for preauth plugins.
My rationale is that the current prompter interface is kind of weak when
it interacts with GUIs etc, and the more we can avoid using it, the

For example, what should that prompt read? "Press enter," may be right
for a CLI instance, but will be wrongish for gdm.

I suspect Henry and I may be in the rough on this point.

More information about the krbdev mailing list