Nico Williams <[email protected]> writes: > If you're just trying to set up a GSS context between a client and a > server, then GSS is really simple, and much simpler than the krb5 API.
I'm very dubious about this statement. The requirement to handle negotiation and potential multiple round trips and all the complexity with major and minor status codes makes the equivalent GSS code complicated and annoying. GSS pays a significant price for being a generic mechanism with a negotiation method, and the API does not hide that price from the programmer. -- Russ Allbery ([email protected]) <https://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
