On Wed, 03 Mar 2010 15:53:24 -0500 Jeffrey Altman <[email protected]> wrote:
> rxgk is not Kerberos based. Kerberos happens to be one of the > authentication mechanisms that can be used via a GSSAPI mechanism to > produce rxgk tokens. The others that will be available will include > the GSI GSSAPI mechanism which will permit direct use of x.509 > certificates for obtaining rxgk tokens and SCRAM which is a password > based GSSAPI mechanism. I know and understand this. > As with any Kerberos based GSSAPI mechanism there needs to be a > credential cache. Even klog.krb5 uses a credential cache. It just > destroys the contents of the cache it creates after it is finished. This is what I didn't know. That seems crazy to me, but if that's what we've got, it's what we've got. -- Andrew Deason [email protected] _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
