[17344] in Kerberos_V5_Development
Re: Extensible kadm5 policies
daemon@ATHENA.MIT.EDU (Tom Yu)
Mon Oct 31 12:27:12 2011
To: Simo Sorce <simo@redhat.com>
From: Tom Yu <tlyu@mit.edu>
Date: Mon, 31 Oct 2011 12:27:07 -0400
In-Reply-To: <1320033560.7734.158.camel@willson.li.ssimo.org> (Simo Sorce's
message of "Sun, 30 Oct 2011 23:59:20 -0400")
Message-ID: <ldvd3ddazz8.fsf@cathode-dark-space.mit.edu>
MIME-Version: 1.0
Cc: Nico Williams <nico@cryptonector.com>, krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Simo Sorce <simo@redhat.com> writes:
> On Sun, 2011-10-30 at 17:06 -0500, Nico Williams wrote:
>> On Sun, Oct 30, 2011 at 4:43 PM, Simo Sorce <simo@redhat.com> wrote:
>> > On Fri, 2011-10-28 at 11:54 -0500, Nico Williams wrote:
>> >> 1) Treat policies as principals named with a well-known naming
>> >> convention to avoid collisions;
>> >
>> > I don't g4et this, but it sounds ugly and something I wouldn't like to
>> > see.
>>
>> Aside from whether it's ugly, Heimdal already does it, though for just
>> one policy, the one named "default".
>
> Ok, it doesn't necessarily mean it is a good design you want to 'port'
> to other implementations.
>
>> As for ugliness, yes, it's ugly, but the current policy DB mess is far
>> uglier,
>
> Doesn't justify adding more ugliness IMO.
Let's make things prettier, not uglier.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
