Kerberos Support in OpenSSH

Stephen Frost sfrost at snowman.net
Wed Jul 2 04:06:20 EST 2003


* Stephen Smoogen (smoogen at lanl.gov) wrote:
> I would like to add to the request for looking at the GSSAPI patch in
> the future. I have a couple of questions to get this going:
> 
> Who should review/audit the code? If I were to say I have reviewed and
> audit'd it.. it would mean jack.. I have no standing and havent done
> much other than try to answer questions off-line every now and then. 

Just putting my 2 cents in- If you audit the code and do a good job then
you'll probably produce some amount of output in the form of patches to
fix potential problems and the like.  The quality of these and possibly
the quantity will affect what people think of your overall review/audit.
It would probably make it easier for someone else to come through and
review/audit if at least some of the problems have already been fixed.

If you don't find any problems then your claim would probably mean less
but there's not really much help for it I'm afraid.

	Stephen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030701/2cea0664/attachment.bin 


More information about the openssh-unix-dev mailing list