About Cyrus SASL documentation depth
Fabian Fagerholm
fabbe at paniq.net
Tue Jan 15 08:51:47 UTC 2008
On Tue, 2008-01-15 at 09:21 +0100, Patrick Ben Koetter wrote:
> There are, I think, three major aspects to Cyrus SASL documentation:
>
> 1. How Cyrus SASL basically works (Discussion of mechanisms, methods, etc.)
> 2. How Cyrus SASL must be configured to get XYZ.
> 3. How other applications must be configured to have Cyrus SASL work. I am not
> thinking of e.g. how to configure Postfix to offer SMTP AUTH. What I have
> on mind is: How must e.g. OpenLDAP be configured to have the ldapdb auxprop
> plugin work for other apps. This involves some major configuration, which I
> consider to be more part of OpenLDAP. Should we leave such documentation to
> the other maintainer teams or should we go all the way?
>
> Which of the aspects should our documentation cover? I think it should be (2)
> and (3) and maybe some parts of (1) - in as much as their understanding is
> required to get (2) and (3).
I think (1) should be covered in a brief and concise manner, so that a
sysadmin has a correct idea of the SASL architecture and the terms used
(what a mechanism is, for instance). Also, it has to be from a Debian
perspective -- upstream already has an overview document, but it can
feel a little unfamiliar for Debian sysadmins.
I think (2) should be covered in a "recipe-style" -- short configuration
examples to do different things.
For (3), I think it needs to be on a case-by-case basis. Some things
require a complete howto of their own, while some things could be a
suitable mixture of recipes from (2) with some added explanations to tie
it together. Also, some things will belong in other packages. Of course,
the subject is large enough to warrant at least a couple of books to be
written.
Perhaps the best and easiest way to get this stuff written would be to
create it on wiki.debian.org and then periodically pull it into the
package(s).
> And...
> anyone familiar with KERBEROS? I haven't done a Kerberos installation and
> configuration and I wil probably need some help setting it up before I can
> write about it. ;)
There's a pretty nice tutorial for MIT Kerberos at
http://www.spinlocksolutions.com/info/kerberos.html but I haven't really
found one for the Heimdal version.
--
Fabian Fagerholm <fabbe at paniq.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-cyrus-sasl2-debian-devel/attachments/20080115/566e8395/attachment.pgp
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list