Re: Proposed PRF changes to address Ken's comments

To: Seema Malkani <Seema.Malkani at Sun.COM>
Subject: Re: Proposed PRF changes to address Ken's comments
From: Jeffrey Altman <jaltman at columbia.edu>
Date: Mon, 27 Jun 2005 11:33:48 -0400
Cc: kitten at ietf.org, Nicolas Williams <Nicolas.Williams at Sun.COM>
In-reply-to: <42BEE902.3010009@sun.com>
List-archive: <http://www1.ietf.org/pipermail/kitten>
List-help: <mailto:kitten-request@lists.ietf.org?subject=help>
List-id: Common Authentication Technologies - Next Generation <kitten.lists.ietf.org>
List-post: <mailto:kitten@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=unsubscribe>
Organization: No Longer Affiliated with Columbia University in the City of New York
References: <20050625040059.GL711@binky.Central.Sun.COM> <42BEE902.3010009@sun.com>
Sender: kitten-bounces at lists.ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414

Seema Malkani wrote:

> To answer Ken's question :
> 
> Adding a new method to a standardized interface will break existing
> applications. This means all classes that implement GSSContext interface
> will now need to add the new method. All implementations of Java GSS
> will NOT compile until the new method is added.
> 
> Abstract classes don't have such a problem, since you can provide a
> default (possibly empty) implementation, and existing implementations
> will not break. It is easier to evolve an abstract class than to evolve
> an interface. Since GSSContext was defined to be an interface, we cannot
> change it.
> 
> Alternatives ?
> 
> We can possibly add the new method to GSSManager class, which is an
> abstract class. This class serves as a factory for three GSS interfaces:
> GSSName, GSSCredential, and GSSContext. The new method will have to be
> invoked after the GSSContext has been established.
> 
> GSSManager class:
> public byte[] prf(GSSContext context, int prf_key, byte[] inBuf, int
> outlen)
>         throws GSSException
> 
> GSSManager mgr = GSSManager.getInstance();
> GSSName targetName = mgt.createName("service at host", ..);
> GSSContext context = mgr.createContext(targetName, ..);
> ..
> if (context.isEstablished()) {
>   // define PRF key, input..
>   int prf_key = ..
>   ..
>   byte[] prf_out = mgr.prf(context, prf_key, inBuf, outlen);
> }
> 
> Seema

Seema:

This will definitely be a much more generic issue for Java GSS support
than just the PRF.  There are a number of new methods that the work of
this group will require moving forward.   Adding them all to the
GSSManager class seems like an inappropriate thing to do.  Even if we
hold off defining a Java binding for PRF and wait for the majority of
this group's work to complete, we will still be faced with this issue.
I think we need to address the question of extensibility for the Java
bindings.   It would be unfortunate if everytime new GSS functionality
was defined the interfaces implementing one or more of the classes had
to be replaced.

Jeffrey Altman

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Kitten mailing list
Kitten at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/kitten

Follow-Ups:
- Re: Proposed PRF changes to address Ken's comments
  - From: Nicolas Williams

References:
- Proposed PRF changes to address Ken's comments
  - From: Nicolas Williams
- Re: Proposed PRF changes to address Ken's comments
  - From: Seema Malkani

Prev by Date: Re: CIFS and the krb5 PRF
Next by Date: Re: Proposed PRF changes to address Ken's comments
Previous by thread: Re: Proposed PRF changes to address Ken's comments
Next by thread: Re: Proposed PRF changes to address Ken's comments
Index(es):
- Date
- Thread

Re: Proposed PRF changes to address Ken's comments

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.