logo_kerberos.gif

Difference between revisions of "Release 1.11"

From K5Wiki
Jump to: navigation, search
Line 7: Line 7:
   
 
== Code quality ==
 
== Code quality ==
  +
  +
* Improve ASN.1 support code
  +
* Refactor parts of KDC
   
 
== Developer experience ==
 
== Developer experience ==
   
 
* Use default keytab for gss_init_sec_context
 
* Use default keytab for gss_init_sec_context
  +
* Interposition for GSS mechglue
  +
* Documentation consolidation
   
 
== End-user experience ==
 
== End-user experience ==
  +
  +
* Documentation consolidation
   
 
== Administrator experience ==
 
== Administrator experience ==
Line 18: Line 25:
 
* [[Projects/Trust KDC-local name resolution]]
 
* [[Projects/Trust KDC-local name resolution]]
 
* FAST OTP client in libkrb5 (maybe excluding second-level plugins hardware OTP tokens)
 
* FAST OTP client in libkrb5 (maybe excluding second-level plugins hardware OTP tokens)
  +
* Documentation consolidation
   
 
== Performance ==
 
== Performance ==
   
 
== Protocol evolution ==
 
== Protocol evolution ==
  +
  +
* Authorization data container with multiple verifiers
  +
* POSIX directory info in authorization data (PAD)
  +
* Level of Assurance in authorization data
  +
* Site-defined string-keyed claims in authorization data
  +
* X.509 attributes in authorization data
  +
* FAST preauth sets (e.g. OTP + long-term password)

Revision as of 16:54, 26 February 2012

Timeline

This is only an approximate timeline. Dates are subject to change.

  • Oct. 2012 -- make release branch
  • Dec. 2012 -- final release

Code quality

  • Improve ASN.1 support code
  • Refactor parts of KDC

Developer experience

  • Use default keytab for gss_init_sec_context
  • Interposition for GSS mechglue
  • Documentation consolidation

End-user experience

  • Documentation consolidation

Administrator experience

Performance

Protocol evolution

  • Authorization data container with multiple verifiers
  • POSIX directory info in authorization data (PAD)
  • Level of Assurance in authorization data
  • Site-defined string-keyed claims in authorization data
  • X.509 attributes in authorization data
  • FAST preauth sets (e.g. OTP + long-term password)