Difference between revisions of "Release 1.8"
From K5Wiki
(→Protocol evolution) |
|||
(7 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | This is the |
+ | This is the feature set for the '''krb5-1.8 release'''. This page organizes the goals by the "guiding principles" listed in the [[Roadmap|roadmap]]. |
== Timeline == |
== Timeline == |
||
Line 14: | Line 14: | ||
* Increase conformance to coding style |
* Increase conformance to coding style |
||
** See [[Coding style/Transition strategies]] |
** See [[Coding style/Transition strategies]] |
||
− | ** "The great reindent" |
+ | ** "[[Coding style/Reindenting|The great reindent]]" |
** Selective refactoring |
** Selective refactoring |
||
Line 38: | Line 38: | ||
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES |
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES |
||
* [[Projects/Lockout|Lockout]] for repeated login failures |
* [[Projects/Lockout|Lockout]] for repeated login failures |
||
− | * [[Projects/Trace logging|Trace logging]] for easier troubleshooting |
||
+ | * [[Projects/HDBBridge|HDBBridge]] so an MIT KDC can read a Heimdal database |
||
== Protocol evolution == |
== Protocol evolution == |
||
− | * FAST enhancements |
+ | * [[Projects/Fast negotiation|FAST enhancements]] |
− | * Anonymous PKINIT |
||
* [[Projects/Services4User| S4U2Self/S4U2Proxy]] |
* [[Projects/Services4User| S4U2Self/S4U2Proxy]] |
||
+ | * [[Projects/Anonymous pkinit | Anonymous PKINIT]] |
Latest revision as of 15:48, 3 March 2010
This is the feature set for the krb5-1.8 release. This page organizes the goals by the "guiding principles" listed in the roadmap.
Contents
Timeline
This is only an approximate timeline.
- 2009-10-06 -- "halfway point" feature and integration test
- 2010-01-04 -- make release branch
- 2010-03-01 -- final release
Code quality
- Move toward test-driven development
- Increase conformance to coding style
- See Coding style/Transition strategies
- "The great reindent"
- Selective refactoring
Modularity
- Crypto modularity
- Move toward improved KDB interface
- Improved API for verifying and interrogating authorization data
Performance
- Investigate and remedy repeatedly-reported performance bottlenecks.
- Encryption performance
End-user experience
- Reduce DNS dependence
- Love's ccache auxiliary data proposal allows client library to track whether a KDC supports service principal referrals.
Administrator experience
- Disable DES by default (1.8)
- More versatile crypto configuration, to simplify migration away from DES
- Lockout for repeated login failures
- HDBBridge so an MIT KDC can read a Heimdal database