Change style, add README file

author: Nicolas Williams <nico@cryptonector.com> 2011-11-10 15:30:01 -0600
committer: Nicolas Williams <nico@cryptonector.com> 2011-11-10 15:30:01 -0600
commit: e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c (patch)
tree: 7a945e8c3f1bb93ab38bfb2741cf1a1f361e235c /README
parent: 1bbfe0dbbfb29a100eb6c124761cea31ca397e20 (diff)
download: gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.tar.gz
gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.tar.xz
gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..548ce60
--- /dev/null
+++ b/README
@@ -0,0 +1,17 @@
+
+This is the gss-proxy project.
+
+The goal is to have a GSS-API proxy, with standardizable protocol and a
+[somewhat portable] reference client and server implementation.  There
+are several motivations for this some of which are:
+
+ - Kernel-mode GSS-API applications (CIFS, NFS, AFS, ...) need to be
+   able to leave all complexity of GSS_Init/Accept_sec_context() out of
+   the kernel by upcalling to a daemon that does all the dirty work.
+
+ - Isolation and privilege separation for user-mode applications.  For
+   example: letting HTTP servers use but not see the keytabe entries for
+   HTTP/* principals for accepting security contexts.
+
+ - Possibly an ssh-agent-like SSH agent for GSS credentials -- a
+   gss-agent.
author	Nicolas Williams <nico@cryptonector.com>	2011-11-10 15:30:01 -0600
committer	Nicolas Williams <nico@cryptonector.com>	2011-11-10 15:30:01 -0600
commit	e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c (patch)
tree	7a945e8c3f1bb93ab38bfb2741cf1a1f361e235c /README
parent	1bbfe0dbbfb29a100eb6c124761cea31ca397e20 (diff)
download	gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.tar.gz gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.tar.xz gss-proxy-e0c275cc057ec4cbbb59a182751a3ed61a2e7d9c.zip