[OpenAFS-devel] Kerberos v5 Principal Names containing dots in the first component

[Jeffrey Hutzelman]

On Monday, August 06, 2007 02:12:20 PM -0500 "Douglas E. Engert" 
<deengert@anl.gov> wrote:

> What plan?  Is there a plan? All I have seen is this thread on what to
> do about K5 principal names with periods, and how this conflicts what the
> pts does with multiple part principals and how it uses a K4 style "."
> as a separator.

There is a plan for adding full native support for krb5 principal names and 
other mechanism-independent names.  This has been discussed at multiple 
hackathons, the proceedings of which are available online.  Some 
implementation work has been done, but mostly in the vein of adding the 
needed extensibility to the PRDB.

The question which started this thread is relevant to OpenAFS today.  The 
answer will probably have some effect on the default rules under the new 
system, but it's far too soon to tell what that will be.

-- Jeff