[1348] in Kerberos_V5_Development
Re: Audit GSS-API changes
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Fri Jun 21 19:44:48 1996
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Your message of "Fri, 21 Jun 1996 17:38:46 EDT."
<9606212138.AA25537@DUN-DUN-NOODLES.MIT.EDU>
Date: Fri, 21 Jun 1996 19:44:29 EDT
From: Marc Horowitz <marc@MIT.EDU>
In message <9606212138.AA25537@DUN-DUN-NOODLES.MIT.EDU>, "Barry Jaspan" <bjaspan@MIT.EDU> writes:
>> I disagree that most of the functionality you added was required. The
>> only reason (IMHO) to provide compatibility with the old krb5 OID is
>> so that old binaries continue to work, and in fact I'd limit that to
>> old clients working with new servers.
This is correct. I believe that we should support this, at least for
a little while. It will be useful for third-party apps, and apps in
the tree, such as gssftp.
There are also spec reasons to make the changes I made. It would be
incorrect to have gss_accept_sec_context return an oid which was not
returned by gss_acquire_cred.
Anyway, now that it's done, I don't think it's complex enough to back
out.
Marc
