Difference between revisions of "Roadmap"

From K5Wiki
(fix typo)
(Administrator Experience)
Line 86: Line 86:
 
** Add more versatile facilities for [[Projects/Enctype_config_enhancements|configuring cryptosystems]]
 
** Add more versatile facilities for [[Projects/Enctype_config_enhancements|configuring cryptosystems]]
 
* [[Projects/Lockout|Lockout]] for repeated login failures (1.8)
 
* [[Projects/Lockout|Lockout]] for repeated login failures (1.8)
* [[Projects/Trace logging|Trace logging]] for easier troubleshooting (1.8)
+
* [[Projects/Trace logging|Trace logging]] for easier troubleshooting (1.9)
   
 
=== Performance ===
 
=== Performance ===
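
Review bot: the changed line retargets Trace logging from (1.8) to (1.9), but neither edit summary shown above ("(fix typo)", "(Administrator Experience)") mentions the schedule change. A summary that states the retargeting would make the move findable in the page history. The linked Projects/Trace logging page should also be checked so that it shows the same target release.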

Revision as of 19:18, 23 December 2009

This is the outline of the development roadmap for MIT Kerberos. A more comprehensive list of projects is also available; some individual projects have links below.

Timeline

Target 6 to 12 month cycle. (9 months plus/minus 3)

  • krb5-1.8
    • Branch Jan. 2009
    • Release early Mar. 2010
  • krb5-1.9
    • Branch Sep. 2010
    • Release Dec. 2010

Guiding principles

  • Code quality
  • Modularity
  • End-user experience
  • Administrator experience
  • Performance
  • Protocol evolution

Code quality

  • Remove krb4 (1.7)
  • Move toward test-driven development
  • Increase conformance to coding style
    • "The Great Reindent"?
    • Selective refactoring
  • Use safer library functions (ongoing)
    • Avoids false positives
    • Avoids need to (probably manually) evaluate "unsafe" calls
    • Stop using strcpy, strcat, sprintf, etc.
      • Mostly done
      • New internal APIs for complex operations
  • Reduce commitment to "difficult" platforms

Modularity

  • Crypto (1.8)
    • Native (accelerated) crypto API support
    • Performance optimizations (caching, etc.)
    • New API design for encryption performance (1.8)
  • Support readily building subsets
    • "Lite" client
    • "Lite" server
    • "GSS-API": separate context establishment from message protection functions, e.g. Solaris user/kernel space split
  • GSS-API mechanism glue
    • At least rough form to enable NTLM support (1.7)
    • Possible refinements later (1.8)
  • KDC Database (long-term)
    • Does the existing DAL make sense?
    • Make data model less "blobby"
    • Track IETF data model work
    • New API around 1.8
    • New implementation around 1.9
  • Secure co-processor ("would be nice")

End-user experience

  • Enhanced error messages for GSS-API (done)
  • Referrals (1.7)
    • DNS independence via referrals
  • Localization of static error strings (1.7+)
  • Credential management
    • KIM API (done)
    • Cross-platform CCAPI
      • Done for Mac & Windows
      • UNIX implementation (1.7+)

Administrator Experience

  • Incremental propagation (1.7)
    • Integrated; needs cleanup
  • Improve key rollover
    • Master key (1.7)
    • Application service keys (1.8)
  • Decrease DNS-related fragility
    • Investigate LHA/Apple proposal to store config information in ccache to signal when a realm supports referrals and thus the option to eschew reverse DNS resolution
  • Audit support (log all ticket requests) (1.7+)
  • Disable DES by default (1.8)
    • Investigate doing this for 1.8 and removing single-DES completely by 1.9
    • Add more versatile facilities for configuring cryptosystems
  • Lockout for repeated login failures (1.8)
  • Trace logging for easier troubleshooting (1.9)

Performance

  • Decrease DNS traffic (1.7)
    • Stop trying to crawl up to the root
  • Replay cache ("rcache")
    • Disable on KDC (1.7)
      • Avoids known false-positive issues
    • Collision avoidance (1.7)
    • Improve implementation (1.7+)
    • Support disabling by service type name (1.7+)
  • New crypto API (1.8) facilitates optimizations
  • Enhancements to improve concurrency
    • Explicit state
    • Reduce mutex contention
    • Support asynchronous APIs and frameworks such as Apple's Grand Central Dispatch; begin refactoring code to make this easier

Protocol evolution

  • Encryption algorithm negotiation (1.7)
  • Microsoft Kerberos extensions (1.7)
  • Improved PKINIT support (1.7)
  • Anonymous PKINIT (1.8)
  • FAST (done in 1.7 for a subset; IETF)
  • International strings in protocol (1.8+; IETF)
  • Timestamp-independence
  • Replay-proofing protocols
  • Encryption algorithm updates (SHA-2, SHA-3, CCM, GCM)
  • S4U2Self/S4U2Proxy