[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OpenAFS-devel] Re: MEMORY credential cache interop between Heimdal and MIT?



Hello Ken,

On Thu, Aug 30, 2007 at 01:15:03PM -0400, Ken Hornstein wrote:
> >You shouldn't contradict the design of the expected environment
> >for your product.
> 
> So you're advocating doing nothing because of some design decisions made
> 30+ years ago?  My experience has shown me that it's possible to do better;

I do not advocate doing nothing :)

I advocate being reasonable. If you (just as a hypothetical example)
prefer PAG to clean design - fine, but then do not call the resulting system
secure, as you broke the assumptions on which the semantics
of the system call set was designed (and still relies on).

> I see no reason the design can't evolve to meet new requirements.  You

The design can evolve given that the changes are compatible.
With a complex design it is hard to do the analysis, and a negative
conclusion usually is more reliable than a positive one.

> might point out that the design hasn't evolved yet; that would be fair,
> but if we don't try stuff now we won't find what works and what doesn't.

So I am helping the evolution by pointing out which things don't :)

Many people seem to believe that PAGs are "right" and that all we need
is a suitable implementation which will make it work.
My point is that this is not exactly the case and that there are other,
more general hinders as well.

Best regards,
Rune