Re: Publickey subsystem draft posted

To: Joseph Galbraith <galb-list%vandyke.com@localhost>
Subject: Re: Publickey subsystem draft posted
From: Darren J Moffat <Darren.Moffat%Sun.COM@localhost>
Date: Wed, 23 Jul 2003 12:03:19 -0700 (PDT)

On Tue, 22 Jul 2003, Joseph Galbraith wrote:
> Hmmm-- since we don't have a modify, maybe we should
> change add as follows:
> 	...
> 	string public-key-blob
> 	bool overwrite
> 	...
>
> with wording like:
>
>     Clients SHOULD send the add request the first time
>     with overwrite false, and then, if the key turns out
>     to be already present, give the user the option of
>     overwriting the key.
>
> We would also need to add a KEY_ALREADY_PRESENT status
> message.

Which needs to have the possibility of permission denied, so that an
admin can setup a set of restrictions on a key that the user can't
later override by using the public key subsystem to modify the attributes
of an already existing key.

-- 
Darren J Moffat

Follow-Ups:
- Re: Publickey subsystem draft posted
  - From: Nicolas Williams

References:
- Re: Publickey subsystem draft posted
  - From: Joseph Galbraith

Prev by Date: Re: Transport I-D: KEXINIT reserved field needs description
Next by Date: Re: Publickey subsystem draft posted
Previous by Thread: Re: Publickey subsystem draft posted
Next by Thread: Re: Publickey subsystem draft posted
Indexes:

Home | Main Index | Thread Index | Old Index