From: John Kohl Date: Mon, 17 Dec 1990 14:36:29 +0000 (+0000) Subject: add comment on variant of data types used for PA-DATA X-Git-Tag: krb5-1.0-alpha3~35 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=be259b41d5aaff24096649f70f32a70d6f0fb7c4;p=krb5.git add comment on variant of data types used for PA-DATA git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1558 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py index c0fc1a4f9..e6a6e2a24 100644 --- a/src/lib/krb5/asn.1/KRB5-asn.py +++ b/src/lib/krb5/asn.1/KRB5-asn.py @@ -126,6 +126,14 @@ TGS-REQ ::= [APPLICATION 12] SEQUENCE { -- the preceding two sequences MUST be the same except for the -- APPLICATION identifier +-- Note that the RFC specifies that PA-DATA is just a SEQUENCE, and when +-- it appears in the messages, it's a SEQUENCE OF PA-DATA. +-- However, this has an identical encoding to the data defined here, +-- which has PA-DATA as SEQUENCE OF SEQUENCE, and the messages use a +-- straight PA-DATA. This has the advantage (at least under ISODE) of +-- giving a "known" name to the PA-DATA array, making it more easily +-- manipulated by "glue code". + PA-DATA ::= SEQUENCE OF SEQUENCE { padata-type[1] INTEGER, pa-data[2] OCTET STRING -- might be encoded AP-REQ