[15810] in Kerberos_V5_Development
Re: a suggestion for improving pkinit preauth plugin token choosing
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Wed May 12 16:29:39 2010
Date: Wed, 12 May 2010 15:29:22 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Simo Sorce <ssorce@redhat.com>
Message-ID: <20100512202922.GM9429@oracle.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20100512145842.36cfee6c@willson.li.ssimo.org>
Cc: krbdev@mit.edu, "Douglas E. Engert" <deengert@anl.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Wed, May 12, 2010 at 02:58:42PM -0400, Simo Sorce wrote:
> > This mail list has many of parties involved...
>
> Yes, but PAM seem a bit off-topic here, I just wanted to remind that
> PAM may not be the only consumer long term.
True, but the only other consumers will either need the same menu
functionality (kinit), or they won't handle PKINIT at all (Apache auth
modules -- don't mention SACRED, that's not realisting :).
Nico
--
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev