logo_kerberos.gif

Difference between revisions of "Release 1.8"

From K5Wiki
Jump to: navigation, search
(Administrator experience)
Line 38: Line 38:
 
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES
 
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES
 
* [[Projects/Lockout|Lockout]] for repeated login failures
 
* [[Projects/Lockout|Lockout]] for repeated login failures
  +
* [[Projects/HDBBridge|HDBBridge]] so an MIT KDC can read a Heimdal database
   
 
== Protocol evolution ==
 
== Protocol evolution ==

Revision as of 17:18, 6 January 2010

This is the preliminary proposed goal set for the krb5-1.8 release. Please provide comments on the krbdev list. This page organizes the goals by the "guiding principles" listed in the roadmap.

Timeline

This is only an approximate timeline.

  • 2009-10-06 -- "halfway point" feature and integration test
  • 2010-01-04 -- make release branch
  • 2010-03-01 -- final release

Code quality

Modularity

Performance

End-user experience

  • Reduce DNS dependence
    • Love's ccache auxiliary data proposal allows client library to track whether a KDC supports service principal referrals.

Administrator experience

  • Disable DES by default (1.8)
  • More versatile crypto configuration, to simplify migration away from DES
  • Lockout for repeated login failures
  • HDBBridge so an MIT KDC can read a Heimdal database

Protocol evolution