On Sat, 24 Nov 2001, Mayers, Philip J wrote: > As my follow up indicated (which of course you read), I do realise that a > client doesn't have the service key - I wasn't thinking when I typed the > mail and it was a stupid question. > > I could give many flippant, impolite answers to your first question, but > instead I'll say: Why not? Are you so sure that the MIT or Heimdal > implementations are so perfect that there's nothing I can contribute by > making a third interoperable one? If so, I envy your confidence. >
- I think what Sam was trying to tell you was that your code won't be interoperable. The file ccache format that MIT is currently using is not meant to be a "public" format and can be changed at any time. In fact it will be changed in the near future. You're supposed to use the API to access it. I think Sam is well aware of the flaws of kerberos and wishes people that had time to work on it would work on fixing the existing code, rather than redoing all the same old errors in a different code. - You may not be familiar with the history of kerberos, but it is rife with just slightly incompatible API's that have put up huge roadblocks to interoperablity and code exchange in the past. Of course that never stopped anybody before and I don't expect it to now. - Booker C. Bense
