[16779] in Kerberos_V5_Development
Re: Kernel subset design issues
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Apr 26 04:21:50 2011
From: Sam Hartman <hartmans@mit.edu>
To: Nico Williams <nico@cryptonector.com>
Date: Tue, 26 Apr 2011 04:19:50 -0400
In-Reply-To: <BANLkTim-37i1WudJRKrD+VVxa0s59HvafA@mail.gmail.com> (Nico
Williams's message of "Mon, 25 Apr 2011 19:09:32 -0500")
Message-ID: <tsl7hahqva1.fsf@mit.edu>
MIME-Version: 1.0
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>>>>> "Nico" == Nico Williams <nico@cryptonector.com> writes:
Nico> I never understood why we need to distinguish between
Nico> "exported sec context" and "exported lucid sec context",
Nico> except as a way to avoid cleaning up the existing sec context
Nico> export/import functions... Here's your chance to make that
Nico> distinction go away.
At the time we didn't want to standardize our export token format.
In the lucid structure, the userspace code is responsible for making the
exported context right for what the kernel supports.
If we standardize something we'd need to standardize something
extensible and the kernel would need to skip parts of it.
Here, note that by standardize I mean write down, not something within
the IETF.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
