: Why are we using libverto again
Nico Williams
nico at cryptonector.com
Thu Jul 7 14:07:17 EDT 2011
On Thu, Jul 7, 2011 at 12:36 PM, Greg Hudson <ghudson at mit.edu> wrote:
> On Thu, 2011-07-07 at 10:44 -0400, Sam Hartman wrote:
>> Now, for the KDC today, we could just use a specific event library and
>> gain significant complexity savings.
>
> The reason I favor an intermediary is that the event loop will be part
> of the API for kdcpreauth plugins (and probably KDB and authdata plugins
> in the future). Picking an event loop now carries costs not just for a
> future libkdc but also a plugin interface transition cost.
The same sort of thing could apply to GSS mechanism implementations
with async GSS extensions. Particularly when one wants to use a
single event loop that is outside the control of the mechglue, much
less the mechanisms. The alternative is every mechanism (or pre-auth
plugin) starts a thread to run its own event loop, but then you
require threading support.
That's the value I see in libverto.
More information about the krbdev
mailing list