Wyllys said:
Im not sure how much of the Kerberos API is considered "stable" (i.e. not subject to change from revision to revision). Writing a book about the API as it stands today in 1.3 might be out-of-date in a year or whenever 1.4 comes out.
The API is not-standard, it is not specified by any RFC, thus its harder to document it definitively.
True enough, but at least one site I've seen discriminates between the (unstable) internal functions and the (hopefully more stable) exposed API. The exposed stuff must be more stable since there are people out there writing applications against it and using others that have been around for a while. I wouldn't attempt to document internals except to say "use this at your own risk."
Microsoft documented much of what you are asking about recently. I don't have a link handy, but you can search for it on MSDN website or maybe someone reading this list will post it.
Maybe this is the URL you're thinking of:
http://meta.cesnet.cz/software/heimdal/draft-brezak-spnego-http-04.txt
Thats part of it, but they also published a much more detailed document, complete with code samples and everything needed to implement it.
Take a look at http://negotiateauth.mozdev.org/.
Yup, seen it. Its nice, but it does not use SPNEGO.
-Wyllys
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
