[859] in Kerberos_V5_Development
Re: Proposed Kerberos V5 Password Changing Algorithm
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue Feb 21 13:06:55 1995
Date: Tue, 21 Feb 1995 13:06:31 +0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: Marc Horowitz <marc@MIT.EDU>
Cc: John Gilmore <gnu@cygnus.com>, krbdev@MIT.EDU,
"Theodore Ts'o"
<tytso@MIT.EDU>
In-Reply-To: Marc Horowitz's message of Mon, 20 Feb 1995 20:42:55 EST,
<9502210142.AA08565@w20-575-25.MIT.EDU>
Date: Mon, 20 Feb 1995 20:42:55 EST
From: Marc Horowitz <marc@MIT.EDU>
Content-Length: 603
What John's asking for is similar to what the FTP security extentions
do, and I believe what the IMAP security extensions do, too.
Yes.... and it adds very little value.
My experience is that this is neither hard to implement or debug.
Perhaps, but it's still more effort than a simple binary protocol.
If someone is willing to put their money where their mouth is and donate
a complete, freely available, non-GPL'ed version that uses ASCII
parsing, I'll think about it.
If we're going to go ahead with something like this, perhaps we should
steal the negotiation protocol from FTP or IMAP. I think this would
be a fine idea.
Cough.... This is the Kerberos V5 password changing protocol.
Adding negotiations here once again adds complexity without adding any
value. I'm trying to go with something really *simple* here.
- Ted
