[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

config option inconsistencies

To: heimdal-discuss@sics.se, Kerveros-dev <krbdev@mit.edu>
Subject: config option inconsistencies
From: "Kevin Coffman" <kwc@citi.umich.edu>
Date: Thu, 16 Nov 2006 10:31:50 -0500
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=Xs96UXIkfBwrRLiOm5+GeW9s8LE7pCrwNTMin6VQlVF5RnXMlF/FOpyQoOx5/hJQlisOrG6DpfedOJNe5Bpj6kgRiP38pfYbyUOxaZWgsItGima1m/2MJ5sw1Nwfgm4rsHnATlZqpCtK12Qu/5/g9s5fXWXiW5xprFqbBmWAUJg=
Sender: owner-heimdal-discuss@sics.se

There are currently inconsistencies in the use of underscores and
hyphens in the Heimdal (pkinit/pki) config parameters.  I think there
are also inconsistencies with "pki-" vs. "pkinit-" in some cases?  Is
it too late, too painful, to make these consistent at this point?

Some examples:

enable-pkinit = false
win2k_pkinit = false
win2k_pkinit_require_binding = false
pkinit_require_eku = true
pkinit_require_krbtgt_otherName = true
pkinit_require_hostname_match = false
pkinit-anchors = (no default)
pki-kdc-ocsp = (no default)
pkinit-principal-in-certificate = true
pkinit-dh-min-bits = 0
pki-allow-proxy-certificate = false
pki-mappings-file = $DB_DIR/pki-mapping
pki-revoke
pkinit-revoke

Follow-Ups:
- Re: config option inconsistencies
  - From: Love Hörnquist Åstrand <lha@kth.se>
- Re: config option inconsistencies
  - From: Harald Barth <haba@pdc.kth.se>

Prev by Date: Re: tag values in decode_PA_PK_AS_REQ_Win2k()
Next by Date: Re: config option inconsistencies
Prev by thread: Re: tag values in decode_PA_PK_AS_REQ_Win2k()
Next by thread: Re: config option inconsistencies
Index(es):
- Date
- Thread