Project review: GSS credential store extensions
Simo Sorce
simo at redhat.com
Thu Jul 12 15:17:11 EDT 2012
On Thu, 2012-07-12 at 10:11 -0400, Sam Hartman wrote:
> When you say URN/value pair, do you mean URN as in a subset of URIs
> starting with urn:?
>
> 1) If you do, you probably should say URI instead. Rationale: while URNs
> are often appropriate, there are great reasons for companies using tag
> or http URIs to denote proprietary extensions.
>
> 2) If you don't mean URN, please don't use that abbreviation. Your
> example ("ccache") is not a valid URN.
>
>
> It would be valuable if the specific URNs that the krb5 mechanism
> supports were documented.
>
> Is this intended to replace gss_acquire_cred_with_password? I.E. can I
> "get" a credential from a password, or a password and smart card, or a
> PIN and smart card? I'm not asking whether you plan to implement that so
> much as whether that usage is compatible with this architecture.
No in my view this is not intended to replace
gss_acquire_cred_with_password()
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the krbdev
mailing list