Nicolas Williams wrote: > I now think that PAM binary prompts could certainly be used to handle > GSS-API and anything else such as raw Kerberos, SRP and so on. I think binary prompts are not quite the complete solution. We also need some event driven model for supporting ticket expiration/renewal but I agree with this sentiment. Perhaps you'ld like to write out a typical event loop for gss type authentication and ticket renewal? That should help indentify where PAM is lacking at present. > Notice that GSS-API binary prompts don't seems to fit any of the > currently allocated binary prompt control characters. This is an area > that might need work to make this approach possible. Perhaps you could include details here too? Thanks Andrew
