[544] in Kerberos
Re: [Ted Anderson: principal name standards]
daemon@TELECOM.MIT.EDU (Bill Sommerfeld)
Mon Dec 12 17:33:26 1988
From: Bill Sommerfeld <wesommer@ATHENA.MIT.EDU>
To: John T Kohl <jtkohl@ATHENA.MIT.EDU>
Cc: Kerberos Users <kerberos@ATHENA.MIT.EDU>
In-Reply-To: John T Kohl's message of Mon, 12 Dec 88 15:39:19 EST,
Another argument for:
- makes it more obvious that checking authentication names using
"*.instance" or "user.*" wildcarding, especially in server code, isn't
A Good Thing.
From my point of view, the value of "instances" lies in two areas:
1) it allows service providers to come up with a consistent naming
convention for services ("servicename.hostname@REALM"). [This allows
the ext_srvtab program to "cheat" by extracting "*.hostname" from the
database.]
2) it allows users to "delegate" or "partition" their privileges by
creating alternate names for some different "aspect" of their job.
For example, there is another entry in the kerberos database, with a
separate password, named "wesommer.root"; that identity, while
associated with me as a person, has somewhat greater privileges.
Both of these are valuable uses; however, neither is any more than a
naming convention.
In the programming interface end, there have been a number of
programming errors where a programmer forgot to check the instance
field of a ticket; this would tend to argue against having name and
instance be two separate fields.
For other reasons, I think that `.' should not be used as a
name-instance separator, even as part of a possibly consistent naming
convention.
- Bill
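The two failure modes discussed in this thread (a server that checks only the name and forgets the instance, and a server that accepts "*.instance" or "user.*" wildcards) can be shown side by side against a full three-field comparison. The following is an added illustration, not code from this message or from the MIT Kerberos sources; it assumes the v4-style "name.instance@REALM" spelling used above, a constructed ACL in which only "wesommer.root@ATHENA.MIT.EDU" is allowed to run a privileged operation, and made-up client principals.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Principal:
    """A Kerberos principal split into its three fields."""
    name: str
    instance: str
    realm: str


def parse_principal(text: str) -> Principal:
    """Parse 'name.instance@REALM' (v4 spelling assumed here).

    The instance is optional ('name@REALM' yields an empty instance);
    the realm is required so that cross-realm names are never confused
    with local ones.
    """
    local, sep, realm = text.rpartition("@")
    if not sep or not local or not realm:
        raise ValueError(f"principal must be name[.instance]@REALM: {text!r}")
    name, _, instance = local.partition(".")
    if not name:
        raise ValueError(f"empty name in principal: {text!r}")
    return Principal(name, instance, realm)


def authorized_exact(client: Principal, acl: set) -> bool:
    """Correct check: name, instance and realm must all match an ACL entry."""
    return client in acl


def authorized_name_only(client: Principal, acl: set) -> bool:
    """The bug described in the thread: the instance (and realm) are ignored,
    so 'wesommer' and 'wesommer.root' are treated as the same identity."""
    return any(client.name == entry.name for entry in acl)


def authorized_wildcard(client: Principal, pattern: str) -> bool:
    """Wildcard matching on the flat string form ('*.root', 'user.*').
    Shown only to demonstrate why the thread advises against it."""
    flat = f"{client.name}.{client.instance}@{client.realm}"
    return fnmatchcase(flat, pattern)


# Constructed ACL: only the privileged "root" identity may run the operation.
PRIVILEGED_ACL = {parse_principal("wesommer.root@ATHENA.MIT.EDU")}


def evaluate_checks() -> dict:
    """Run each check against constructed client principals and return the
    decisions, so the difference between the checks is visible in data."""
    plain_user = parse_principal("wesommer@ATHENA.MIT.EDU")
    root_user = parse_principal("wesommer.root@ATHENA.MIT.EDU")
    foreign_root = parse_principal("wesommer.root@OTHER.REALM")
    other_root = parse_principal("someoneelse.root@ATHENA.MIT.EDU")
    return {
        # Exact comparison: only the intended identity passes.
        "exact_plain": authorized_exact(plain_user, PRIVILEGED_ACL),
        "exact_root": authorized_exact(root_user, PRIVILEGED_ACL),
        "exact_foreign": authorized_exact(foreign_root, PRIVILEGED_ACL),
        # Name-only comparison: the unprivileged and cross-realm names
        # also pass, collapsing the delegation the instance was meant to give.
        "name_only_plain": authorized_name_only(plain_user, PRIVILEGED_ACL),
        "name_only_foreign": authorized_name_only(foreign_root, PRIVILEGED_ACL),
        # '*.root' style wildcard: any principal with the root instance passes.
        "wildcard_other_root": authorized_wildcard(other_root, "*.root@ATHENA.MIT.EDU"),
    }


if __name__ == "__main__":
    for check, decision in evaluate_checks().items():
        print(f"{check:22s} -> {'allow' if decision else 'deny'}")
```

The point of `evaluate_checks` is that only `authorized_exact` denies the plain "wesommer" identity and the same name from another realm; the name-only and wildcard variants both grant the privileged operation to principals the ACL never listed.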