Kernel subset design issues
Sam Hartman
hartmans at MIT.EDU
Tue Apr 26 04:19:50 EDT 2011
>>>>> "Nico" == Nico Williams <nico at cryptonector.com> writes:
Nico> I never understood why we need to distinguish between
Nico> "exported sec context" and "exported lucid sec context",
Nico> except as a way to avoid cleaning up the existing sec context
Nico> export/import functions... Here's your chance to make that
Nico> distinction go away.
At the time we didn't want to standardize our export token format.
In the lucid structure, the userspace code is responsible for making the
exported context right for what the kernel supports.
If we standardize something we'd need to standardize something
extensible and the kernel would need to skip parts of it.
Here, note that by standardize I mean write down, not something within
the IETF.
More information about the krbdev
mailing list