Project review: GSS credential store extensions
Simo Sorce
simo at redhat.com
Thu Jul 12 15:24:26 EDT 2012
On Thu, 2012-07-12 at 12:59 -0400, Sam Hartman wrote:
> >>>>> "Nico" == Nico Williams <nico at cryptonector.com> writes:
>
> Nico> In Simo's proposal the mechglue/mechanism will never output a cred
> Nico> store, thus there's no memory management problem.
>
> Consider what happens when the mech glue or a stacked mechanism wants to
> augment the cred store configuration.
> I.E. consider a mech glue that allows an admin to configure parameters
> to pass into a mechanism.
> Or consider how Moonshot might interact with Kerberos.
Copy the store. It's the best option, really.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the krbdev
mailing list