[OpenAFS-devel] Re: [PATCH] PAG support, try #2
Harald Barth
haba@pdc.kth.se
Wed, 14 May 2003 22:45:05 +0200 (CEST)
> This was my last mail on the subject as I seem the be the only one on
> that actually seem to view PAGs the way I do.
Jan, that would be a pity because in that case I (or someone else) of
the openafs-devel regulars would have to explain. I think you did a
better job that I would have done. You seem to have the references
handy. I can understand if you are not happy in writing more, because
part of the debate in this thread has been an all time low, rude and
very jumpy from one subject to another without getting anywhere. My
judgment is the one of a regular openafs-devel reader, customs in
other mailing lists may differ.
Asking questions is better that assuming something and waiting to be
proven wrong or right. Splitting up the problem in sub problems is
good, talking about function (the program mechanics) and form (coding
style) at the same time is difficult. Bad language is less convincing
than references.
A PAG is a session identifier (inherited like group membership) which
allows a user to temporarily switch to a new authentication context in
order to perform tasks which require this. The reference mentioned by
Jan explains this and I can add that I and a lot of fellow users use
it in that way on a daily basis. There are other related problems like
credential storage that need to be looked at, but that is not the same
thing as a PAG.
Harald.