[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: using Heimdal Krb5 for DCE RPC Security

Jim Doyle <jrd@bu.edu> writes:

> - What is the status on the GSSAPI library implementation?

I don't know what the *status* is, but I guess it works with the
things we've tried it with (basically ftp).

> - Are the Heimdahl V5 libraries thread safe?

Not at this time. Depending on the level of thread-safeness you want,
it will be more or less difficult to add. We don't, for instance, use
any static data (except in a few places).

Is this something people would like to have, and if so to what extent?

> - Have Heimdahl V5 clients been interoperability tested against
>   a DCE Security Server. (that is, can Heimdahl decode TGTs 
>   issued by a DCE SEC server like the MIT v5 kit can ? )

We tried that ages ago, but it seems to work.

> However, Heimdahl cant presently understand how to traverse a
> credentials cache that has been constructed by DCE 1.1 - (Krb5Beta2)

I guess this is because DCE is using some old format.