[29996] in Kerberos
Re: Principal attributes and policy in LDAP Realm
daemon@ATHENA.MIT.EDU (Ken Raeburn)
Mon Jun 23 10:07:13 2008
From: Ken Raeburn <raeburn@MIT.EDU>
To: Simo Sorce <ssorce@redhat.com>
In-Reply-To: <1214226194.3822.23.camel@localhost.localdomain>
Message-Id: <9A56C6EF-CA98-473E-813A-43532C7C2AAA@MIT.EDU>
Mime-Version: 1.0 (Apple Message framework v924)
Date: Mon, 23 Jun 2008 10:05:32 -0400
Cc: kerberos@MIT.EDU
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@MIT.EDU
On Jun 23, 2008, at 09:03, Simo Sorce wrote:
> Is there a specific reason why the database layer has not been
> abstracted appropriately ? Any chance we can work to fix these
> problems
> and come up with a better schema ?
Mostly lack of resources/priority/motivation/etc I guess; certainly no
reason why we don't want it done. But it's an issue that's been
getting more discussion lately in some of our internal meetings.
Have you followed the KDC information model and schema discussions
happening related to the IETF Kerberos working group? The discussions
were taking place on a couple of external mailing lists, not the main
working group mailing list:
http://mailman.mit.edu/mailman/listinfo/kdc-info
http://mailman.mit.edu/mailman/listinfo/kdc-schema
They're pretty quiet now, but you can check through the archives.
Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
