Release Meeting Minutes/2010-08-31
Shawn Emery, Zhanna Tsitkova, Greg Hudson, Tom Yu, Simo Sorce, Sam Hartman
Shawn will look into arrangements re early solaris source access.
- password quality interface. princ, pass, dictfile, policy name; localization of password quality error messages: how to localize? on client or server? send number? or string?
- Microsoft uses message catalog numbers in free-form text.
- Will leave parameter for localization.
- Disagree for complexity reasons.
- Leaves open the possibility; extra unused parameter is a small cost.
- can think of many reasons for that set/change protocol and none of them are localization. Is Marcus happy?
- Marcus offered it as a suggestion. Have already implemented many of the changes Marcus made.
- Prefer to not do password sync via stackable DB mechanisms. Love likes it, but it's not implemented in Heimdal yet.
- iprop is kind of gimpy stacking. Hooks look like a potential stacking.
- issues with multi-tierd using file replay caches. sharing "host" principal. locking issues? Multiple threads independently open an rcache; mutex only protects in-memory object, not file.
- Make changes in GSS relating to [acceptor?] credentials.
- High level: protocols should be replay-proof. rcache doesn't help with suppress/replay, etc. attacks.