[871] in Kerberos_V5_Development
Re: Proposed Kerberos V5 Password Changing Algorithm
daemon@ATHENA.MIT.EDU (eichin@MIT.EDU)
Sun Feb 26 00:33:41 1995
Date: Sun, 26 Feb 95 00:32:59 -0500
To: marc@MIT.EDU
Cc: rsalz@osf.org, krbdev@MIT.EDU, tytso@MIT.EDU
In-Reply-To: <9502260159.AA19473@oliver.MIT.EDU> (message from Marc Horowitz on Sat, 25 Feb 1995 20:59:16 EST)
From: eichin@MIT.EDU
>> However, I'd like to see a version flag at the head of the protocol.
>> if we decide later we need to change the protocol, it would be good if
>> the client and server both knew what the other side was trying to do.
I thought about that -- and came up with ways to handle upgrading the
protocol fairly cleanly without a version number (just add new opcodes
for new features -- old servers will just return errors, in which case
the client can retry with the old syntax if it can.) I don't think
having the peer bail is *ever* the right answer for this simple a
protocol. However, a *good* reason to include a version number is for
tracking software versions -- if a protocol change does need to be
made, having a version number makes it easy to tell what proportion of
the clients have (probably) been upgraded. [Then again, new opcodes
would do that too, just not as obviously...]
_Mark_
