[529] in Kerberos_V5_Development
Re: database changes for seed string
wesommer@ATHENA.MIT.EDU (wesommer@ATHENA.MIT.EDU)
Tue Dec 18 13:19:51 1990
I agree that my implementation of the database back end was not
optimal space-wise.
I'll comment on what I think should be done:
First, if you care about allowing principals to be *renamed* without
changing their key, you want the ability to store an arbitrary
string (though you don't have to use it all, or even most of the
time).
You could do something like the following:
The "length-of-salt" field can be used as is currently if positive,
with the following valuesmeaning various other salting:s:
0: kerberos v4
-1: default "normal" salt.
-2: .... reserved for expansion ...
(it so happens that the kerberos v4 salt IS a zero-length salt)
For better future expansion, you also might wantt to have both a type
code and a length field,to allow for data used by smart cards and the
like.
- Bill
