On 10/05/2018 04:49 AM, Rick van Rein wrote: > Is there a registry or registrar for the ad-type values for > Authorization Data?
https://github.com/krb5/krb5-assignments There was (and perhaps will be again) an attempt to move these registries to IANA, but for now they are managed by me. https://tools.ietf.org/html/draft-ietf-kitten-kerberos-iana-registries-04 > I assume documentation in a static place is appreciated, perhaps even > required. To me, an Internet Draft would seem reasonable. Sometimes I make a reservation without documentation, but it is better to have it. > Do people generally advise locally meaningful values in ad-data fields, > even when we intend to make realm-crossing use of it, or is there some > appreciation for more standardised structures, such as Diameter frames > or unsigned SAML? The latter two would make some sense in our project, > which aims to make secure use of online services simpler and more general. I don't have anything insightful to say about this. You might try asking this question on the kitten list, perhaps with more context as to what authorization data is being used for. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos