[OpenAFS] Re: feasibility of moving lightweight-principals issue "upstream" to kerberos

Douglas E. Engert deengert@anl.gov
Wed, 04 Jan 2006 09:51:47 -0600

Adam Megacz wrote:
> Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:
>>Be careful; in one sense, krb524d and gssklogd are basically the same
>>program, especially in terms of client transparency.  It's just that
>>the utilities to use one of them are much more widespread.
> Ah yes. I wasn't aware that they shared code, 

They don't really share any code, other then Kerberos and AFS libs.

> although I do know that they operate on essentially the same principle.
> But the "client side" of krb524d is built into the aklog that ships
> with OpenAFS, while the "client side" of gssklog is not.  It's not
> just the widespreadness, it's the fact that you can safely assume that
> anybody who has installed a recent version of OpenAFS is guaranteed to
> have the krb524d client.

Yes, but there is no reason to consider shipping the follow on to gssklog
with AFS as well.

>   - a


  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444