logo_kerberos.gif

Release Meeting Minutes/2010-01-12

From K5Wiki
< Release Meeting Minutes
Revision as of 18:34, 9 February 2010 by TomYu (talk | contribs) (New page: ;Sam: maybe pull up pkinit change to 1.7.1. ticket #6587 Master key stash file... manual mkey entry... ;Sam: Make sure you don't break the ability to roll over a master key that is a pa...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Sam
maybe pull up pkinit change to 1.7.1. ticket #6587

Master key stash file... manual mkey entry...

Sam
Make sure you don't break the ability to roll over a master key that is a password.

Some byteswap issue with reading legacy master key stash files?

Will Fiveash
"bigendian" test suite stash file appears to be a keytab?

What if the kadmin password history key is weak? How do people deal with migrating to 1.8 in that case?

Make weak crypto check not apply to history key. Possibly post-1.8 -- allow use of master key as password history key.