On Friday 17 February 2006 08:43, Leif Johansson wrote:
> next
You use GSS_C_MUTUAL_FLAG on every request:
    my $iflags = GSS_C_MUTUAL_FLAG;
    $iflags |= GSS_C_DELEG_FLAG if $ENV{LWP_AUTHEN_NEGOTIATE_DELEGATE};
Isn't it better to use GSS_C_MUTUAL_FLAG only if
delegation is needed?
(Most setups need only to authenticate the user?)
In my implementation I have set GSS_C_REPLAY_FLAG,
is that not needed?
(My idea was that this can stop MITM attackers.
Am I wrong? - I am unsure!)
Achim