[16207] in Kerberos_V5_Development
Re: Pasword quality pluggable interface project review
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Mon Aug 30 18:34:17 2010
Date: Mon, 30 Aug 2010 17:32:19 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Sam Hartman <hartmans@mit.edu>
Message-ID: <20100830223219.GZ1198@oracle.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <tslbp8jkagc.fsf@mit.edu>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>, Marcus Watts <mdw@umich.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Mon, Aug 30, 2010 at 06:22:11PM -0400, Sam Hartman wrote:
> >>>>> "Greg" == Greg Hudson <ghudson@MIT.EDU> writes:
> Greg> It's apparent to me now that there's a lot of room for improving our
> Greg> support for password quality errors over the password change protocol.
> Greg> For schedule reasons, I'm going to defer that to future work--in
> Greg> particular, to the part of the future after we have localization.
>
> I can understand deferring revising our set-change password support.
> However, as Russ pointed out, the existing change protocol has a way for
> a text error to come back--Heimdal does that. I think we need to at
> least support this in the plugin interface even if you don't write the
> glue now to make it work.
But also the "room" isn't "a lot": it's just addition of a language tag
set to be sent by the client to the server, plus, maybe, some new policy
codes. That's not "a lot". There's no reason the plugin can't get a
language tag set, which would be empty when the client doesn't send any
(e.g., because the protocol it's using doesn't allow it to).
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
