[17176] in Kerberos_V5_Development
Re: String attributes feature (project review)
daemon@ATHENA.MIT.EDU (Nico Williams)
Tue Sep 20 10:28:15 2011
MIME-Version: 1.0
In-Reply-To: <201109191901.p8JJ1cJg017849@outgoing.mit.edu>
Date: Tue, 20 Sep 2011 09:28:09 -0500
Message-ID: <CAK3OfOixe7Ux07uk4OTf34rBrV7uVRt5isD9fAakqf_McSaHbg@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: ghudson@mit.edu
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
I believe that building an extension data keyed by text feature over
TL data is a great idea.
I'm less sure about the idea that the data must be text as well, but
it's certainly most expedient. The alternative would be to make
kadmin pluggable, but that'd also mean distributing plugins to the
kadmin clients...
A few comments:
a) the key should be all US-ASCII;
b) the key namespace needs more guidance/definition (e.g.,
feature@domainname, a la SSHv2);
c) should any type information be included for the data part?
d) how should binary data be encoded for storage as text data? There
are many options, but it'd be nice if there was a single common
recommendation (e.g., base64) and utility functions for it.
Nico
--
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
