[19074] in Kerberos
Re: Kerberos Backend for LDAP
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Apr 15 17:20:11 2003
To: Matthew Smith <matt@forsetti.com>
From: Sam Hartman <hartmans@MIT.EDU>
Date: Tue, 15 Apr 2003 17:18:53 -0400
In-Reply-To: <3e9c0006@news0.ucc.uconn.edu> (Matthew Smith's message of
"Tue, 15 Apr 2003 08:50:07 -0400")
Message-ID: <tsld6jncvcy.fsf@konishi-polis.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
It's important to distinguish two related things:
1) A backend to allow a KDC to use LDAP to store principal data. This
has been implemented for Heimdal.
2) An interface to allow LDAP to be used to look at principal data.
There is ongoing work in the IETF to specify such an interface.
Note that 1 does not strictly imply 2. The interface that the KDC
uses may well be something that you don't want to expose to anyone
besides the KDC.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
