Kernel subset design issues

Sam Hartman hartmans at MIT.EDU
Tue Apr 26 04:19:50 EDT 2011

>>>>> "Nico" == Nico Williams <nico at> writes:

    Nico> I never understood why we need to distinguish between
    Nico> "exported sec context" and "exported lucid sec context",
    Nico> except as a way to avoid cleaning up the existing sec context
    Nico> export/import functions...  Here's your chance to make that
    Nico> distinction go away.

At the time we didn't want to standardize  our export token format.

In the lucid structure, the userspace code is responsible for making the
exported context right for what the kernel supports.
If we standardize something we'd need to standardize something
extensible and  the kernel would need to skip parts of it.

Here, note that by standardize I mean write down, not something within
the IETF.

More information about the krbdev mailing list