Sam Hartman (hartmans) wrote,
Sam Hartman

Kerberos Pre-authentication

I may have talked about some of this before, but I cannot find the entry. Back in 2004, I wrote a proposal for how to abstract out Kerberos pre-authentication and how to think about the state model. I gave up on that proposal because it seemed too complicated even for me. I understood what state needed to be captured, but did not understand how you could do anything simple within the framework I created. So I reluctantly gave up on the proposal.

Last year, the issue came up again. Larry Zhu, the lead Kerberos developer from Microsoft wanted to put together some way to accomplish some of the same goals I was talking about in 2004. I told him I'd tried to go down that path and found it too complicated; I sent him my old document so he could see what I ran into. He wrote back and said he really liked what I had written and wanted to work on finishing it. I was dubious that I would like the result.

Now, having reviewed what he's doing and having spent a lot of energy working on the proposal, I think he did find a way around my problems. I'm very excited about what we're doing. Also, working with Larry is a lot of fun. This is more enjoyable because it is creating new technical work. So much of what I do in the IETF is review others' work. It is pleasurable to be working on something of my own from time to time.

Tags: ietf

  • Questioning and Finding Purpose

    This is copied over from my spiritual blog. I'm nervous doing that, especially at a point when I'm more vulnerable than usual in the Debian…

  • Dreaming of a Job to Promote Love, Empathy and sexual Freedom

    Debianhas always been filled with people who want to make the world a better place. We consider the social implications of our actions. Many are…

  • Tools of Love

    From my spiritual blog I have been quiet lately. My life has been filled with gentle happiness, work, and less gentle wedding planning. How do you…

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.