> Not really, no, not if the defer things involve bits that need to be
> carried in context tokens.
It wasn't my understanding that this was the case. But, I guess, I didn't provide you with enough context (pun not intended).
> I would prefer a credential option because that's the only thing that's
> like a "security context template" that we have now. If you wanted to
> tell Cyrus SASL that you need some set of attributes from the peer, then
Yes, I'm agreeing with you now.
> In a version 3 of the GSS-API we might well have a security context
> template object. Adding such an object seems to me to be much more
> significant a change to the API than is the addition of name and/or
> credential attributes.
Call me when it's done? ;-)
-- Luke
|