[15812] in Kerberos_V5_Development
Re: a suggestion for improving pkinit preauth plugin token choosing
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Wed May 12 16:50:43 2010
Date: Wed, 12 May 2010 15:49:39 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Simo Sorce <ssorce@redhat.com>
Message-ID: <20100512204939.GP9429@oracle.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20100512145842.36cfee6c@willson.li.ssimo.org>
Cc: krbdev@mit.edu, "Douglas E. Engert" <deengert@anl.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Wed, May 12, 2010 at 02:58:42PM -0400, Simo Sorce wrote:
> On Wed, 12 May 2010 12:59:15 -0500
> "Douglas E. Engert" <deengert@anl.gov> wrote:
> > Is it time to rewrite the PAM standards?
>
> Certainly my desktop pals would like me to try to. :-)
We should try to not throw the baby out with the bath water. I can
think of a number of enhancements to PAM that would address many/most of
its API/SPI problems while remaining backwards compatible with existing
PAM apps and modules.
Nico
--
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev