Alternative proxy-creds API for constrained-delegation
Nico Williams
nico at cryptonector.com
Fri Jun 5 10:47:42 EDT 2020
On Fri, Jun 05, 2020 at 12:11:44PM +0200, Isaac Boukris wrote:
> Actually, even with the cred_store option for delegation_policy, when
> using more than one type, one can't really tell what creds he got at
> the end.
You need to know? Why?
Anyways, gss_store_cred_into2() gives us a way to get that.
Also, maybe we need a gss_cred_get_store() function to return a
cred_store description of where the cred was acquired from or last
stored. (No need to release this.)
Nico
--
More information about the krbdev
mailing list