Release 1.11

From K5Wiki
Revision as of 20:48, 23 April 2012 by TomYu (talk | contribs)

Jump to: navigation, search


This is only an approximate timeline. Dates are subject to change.

  • Oct. 2012 -- make release branch
  • Dec. 2012 -- final release

Code quality

Developer experience

  • Use default keytab for gss_init_sec_context when available
  • Importing and exporting of GSS creds (useful for async GSS proxy) -- expecting contribution
  • Interposition for GSS mechglue
  • Documentation consolidation

End-user experience

  • Documentation consolidation

Administrator experience


  • Improve (or eliminate) KDC lookaside cache

Protocol evolution

  • Authorization data container with multiple verifiers
  • POSIX directory info in authorization data (PAD)
  • Level of Assurance in authorization data
  • Site-defined string-keyed claims in authorization data
  • X.509 attributes in authorization data
  • FAST preauth sets (e.g. OTP + long-term password)