[15794] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: a suggestion for improving pkinit preauth plugin token choosing

daemon@ATHENA.MIT.EDU (Sam Hartman)
Wed May 12 08:56:46 2010

From: Sam Hartman <hartmans@mit.edu>
To: Nicolas Williams <Nicolas.Williams@oracle.com>
Date: Wed, 12 May 2010 08:56:39 -0400
In-Reply-To: <20100511154627.GH9429@oracle.com> (Nicolas Williams's message of
	"Tue, 11 May 2010 10:46:27 -0500")
Message-ID: <tslbpcl5ldk.fsf@mit.edu>
MIME-Version: 1.0
Cc: "Henry B. Hotz" <hotz@jpl.nasa.gov>, "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

I actually agree with henry that "please insert a token," should be out
of scope for preauth plugins.
My rationale is that the current prompter interface is kind of weak when
it interacts with GUIs etc, and the more we can avoid using it, the
better.

For example, what should that prompt read? "Press enter," may be right
for a CLI instance, but will be wrongish for gdm.

I suspect Henry and I may be in the rough on this point.
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

home help back first fref pref prev next nref lref last post