logo_kerberos.gif

Release Meeting Minutes/2012-08-21

From K5Wiki
Jump to: navigation, search


Will Fiveash, Greg Hudson, Ben Kaduk, Nathaniel McCallum, Zhanna Tsitkov, Tom Yu

Greg
Nathaniel, hand testing of OTP?
Nathaniel
this afternoon
Greg
Emacs, vim, etc?
Nathaniel
Eclipse. Could make a style guide (XML-based config) for other Eclipse users.
Will
Been busy. Asking Zhanna for manpage list.
Nathaniel
Simo concerns about server side of AuthHub... config of tokens in string attributes. Fully synchronous; want async.
Greg
That isn't large is it?
Nathaniel
Could be multiple LDAP queries.
Greg
Sounds like an IPA issue?
Nathaniel
Plugin is synchronous in KDC.
Nathaniel
[ 2-pass OTP ] prespecified info to deal with callback. Protocol has way to ship info in first request.
Greg
Optimistic preauth. You need to know more than user-provided secrets: salt, key generation parameters (KDC-side configuration).
Nathaniel
For OTP, need to know vendor.
Greg
krb5_gic_opt_set_pa sould not want to shoehorn into request/response set
Nathaniel
Push/ pull. How to supply info up front.
Greg
[ tying 2 issues together ] API pull/push vs optimistic. probably others. [ looping preauth enc_ts bug ]
Greg
Disagreement with current framework. Currently same entry point for AS-REP, KRB-ERROR.