Difference between revisions of "Release 1.11"

Revision as of 21:58, 23 April 2012

This is only an approximate timeline. Dates are subject to change.

Improve ASN.1 support code, making it table-driven for decoding as well as encoding (done)
Refactor parts of KDC, to better support libKDC and Projects/Trust KDC-local name resolution

Use default keytab for gss_init_sec_context when available
Importing and exporting of GSS creds (useful for async GSS proxy) -- expecting contribution
Documentation consolidation

Projects/Trust KDC-local name resolution
FAST OTP client in libkrb5 (maybe excluding second-level plugins hardware OTP tokens)
Documentation consolidation

@@ Line 15: / Line 15: @@
 * Use default keytab for gss_init_sec_context when available
 * Importing and exporting of GSS creds (useful for async GSS proxy) -- expecting contribution
-* Interposition for GSS mechglue
 * Documentation consolidation
@@ Line 34: / Line 33: @@
 == Protocol evolution ==
-* Authorization data container with multiple verifiers
+* Authorization data -- conditional on IETF consensus
-* POSIX directory info in authorization data (PAD)
+** Authorization data container with multiple verifiers (CAMMAC)
-* Level of Assurance in authorization data
+** POSIX directory info in authorization data (PAD)
-* Site-defined string-keyed claims in authorization data
+** Level of Assurance in authorization data
-* X.509 attributes in authorization data
+** Site-defined string-keyed claims in authorization data
+** X.509 attributes in authorization data
 * FAST preauth sets (e.g. OTP + long-term password)