[28448] in Kerberos
Re: pam-krb5 3.6 released
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Sep 20 13:25:25 2007
From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
In-Reply-To: <tslwsule0ef.fsf@mit.edu> (Sam Hartman's message of "Thu, 20 Sep
2007 13:01:44 -0400")
Date: Thu, 20 Sep 2007 10:24:56 -0700
Message-ID: <87ps0dntav.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Sam Hartman <hartmans@mit.edu> writes:
> I'd definitely be interested in proposals in this space. I'd prefer
> things that worked at the rd_req level than the verify creds level but
> would look at either.
I only mention verify_creds because that's what the applications call now,
and it would be nice to increase the capability of the API seamlessly.
(You probably know that.)
Also to mention something that you know but that others may not,
verify_creds essentially does a mk_req and rd_req under the hood, except
in a kind of weird way with a memory ticket cache and some other oddities.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos