[857] in Kerberos_V5_Development

Re: Proposed Kerberos V5 Password Changing Algorithm

daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Fri Feb 17 14:46:34 1995

Date: Fri, 17 Feb 1995 14:46:13 +0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: John Gilmore <gnu@cygnus.com>
Cc: "Theodore Ts'o" <tytso@MIT.EDU>, krbdev@MIT.EDU, gnu@cygnus.com
In-Reply-To: John Gilmore's message of Thu, 16 Feb 1995 19:11:57 -0800,
	<199502170311.TAA17432@cygnus.com>

   Date: Thu, 16 Feb 1995 19:11:57 -0800
   From: John Gilmore <gnu@cygnus.com>

   I'd like to propose that we use an ASCII rather than binary protocol
   inside the KRB_PRIV messages.  Kerberos is one of the few Internet
   protocols that's infested with binary fields; the other protocols are
   much easier to debug because humans can actually watch what's going
   on with very little aid from their debugger, network monitor, etc.

The flip side is binary fields are easier and faster to parse, not to
mention quicker to implement.  I'm also not convinced that seeing
something like:

MESSAGE 7583DE6AB762643E95834202948757639DBEFB762643E9583420202948757639DBE

makes it any easier to debug than if the same data were simply sent in
binary across the stream.

As far as making debugging easy, one of the reasons I chose such a
structured PDU format was to make it simple to write a debugging routine
that could pick apart any PDU, format it, and print it for debugging
purposes.

My main consideration while designing the protocol, though, is to
maximize the ease of implementation.  The easier we make it to implement,
the more people will implement it in their products --- and the easier it
is for us to do an implementation here at MIT, given the copious amount
of free time that we all have.

						- Ted
