Project review: GSS credential store extensions

Sam Hartman hartmans at MIT.EDU
Thu Jul 12 12:59:43 EDT 2012

>>>>> "Nico" == Nico Williams <nico at> writes:

    Nico> In Simo's proposal the mechglue/mechanism will never output a cred
    Nico> store, thus there's no memory management problem.

Consider what happens when the mech glue or a stacked mechanism wants to
augment the cred store configuration.
I.E. consider a mech glue that allows an admin to configure parameters
to pass into a mechanism.
Or consider how Moonshot might interact with Kerberos.

More information about the krbdev mailing list