: Why are we using libverto again

Nico Williams nico at cryptonector.com
Thu Jul 7 14:07:17 EDT 2011

On Thu, Jul 7, 2011 at 12:36 PM, Greg Hudson <ghudson at mit.edu> wrote:
> On Thu, 2011-07-07 at 10:44 -0400, Sam Hartman wrote:
>> Now, for the KDC today, we could just use a specific event library and
>> gain significant complexity savings.
> The reason I favor an intermediary is that the event loop will be part
> of the API for kdcpreauth plugins (and probably KDB and authdata plugins
> in the future).  Picking an event loop now carries costs not just for a
> future libkdc but also a plugin interface transition cost.

The same sort of thing could apply to GSS mechanism implementations
with async GSS extensions.  Particularly when one wants to use a
single event loop that is outside the control of the mechglue, much
less the mechanisms.  The alternative is every mechanism (or pre-auth
plugin) starts a thread to run its own event loop, but then you
require threading support.

That's the value I see in libverto.

More information about the krbdev mailing list