Release Meeting Minutes/2011-11-01
From K5Wiki
< Release Meeting Minutes
Revision as of 12:06, 3 November 2011 by TomYu (talk | contribs) (New page: {{minutes|2011}} Jozsef Doczi, Will Fiveash, Thomas Hardjono, Greg Hudson, Simo Sorce, Zhanna Tsitkova, Tom Yu ==GSS proxy== ;Simo: Updates about GSS proxy. ;Simo: At conference, lots of...)
Jozsef Doczi, Will Fiveash, Thomas Hardjono, Greg Hudson, Simo Sorce, Zhanna Tsitkova, Tom Yu
GSS proxy
- Simo
- Updates about GSS proxy.
- Simo
- At conference, lots of people have some problems that could use GSS proxy. Linux-NFS, Solaris. gssd. Linux-NFS wants to clean up its gssd interfaces. Multiple apps that have to share the same keytab; people want to isolate them from using the key directly. Maybe ssh-agent-like: proxy all the way back to the original client. Agreeing on protocol would make things easier.
- Tom
- Solaris gssd?
- Simo
- Solaris version of gssd is more advanced. Trying to organize some conference calls.
- Simo
- Nico is also interested. Only way to use same protocol everywhere is to use rpcgen etc.
- Tom
- Rather not adopt an intermediate TIRPC (e.g. Linux-NFS version). The one in Solaris might have better async and thread support.
- Simo
- Trying to do sooner rather than later. Also discuss with Nico how/where to hack things into mechglue.
Interop followup
- Simo
- Glad Greg found the AES preauth thing.
- Greg
- Uncovered some interop issues and straight-up bugs.
- Will
- Found a couple of issues...
- Tom
- Diffie-Hellman pkinit interop issue.
- Will
- When tracking interop-related bugs, maybe label as interop issues in RT.
- Simo
- International hostnames in principals?
- Greg
- No obvious answer. e.g., what does IE do w.r.t. host lookups in DNS? vs in SSPI? Your resources for experiments are probably better.
- Simo
- Will ask around.
krb5-1.10
- Tom
- Have branch, alpha snapshot...