----- Original Message -----
From: "Itamar Heim" <iheim@redhat.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: "Thierry Kauffmann" <thierry.kauffmann@univ-montp2.fr>, "Yaniv Kaul" <ykaul@redhat.com>, "engine-devel" <engine-devel@ovirt.org> Sent: Thursday, December 13, 2012 1:27:15 AM Subject: Re: Adding Authentication mechanism to oVirt
On 12/12/2012 06:53 PM, Alon Bar-Lev wrote:
I believe the GSSAPI can be dropped, I see no advantage of using it.
how would upgrade/backward compatibility look like?
We have the user/password, so there should be no problem we can test if authentication succeeds in methods based on some order... but we cross this when we reach the point. Asking the user for transport/authentication scheme during upgrade is something that can also be done. We can keep the GSSAPI around of course... Not something I would like to do. Alon