Difference between revisions of "Release 1.13"
From K5Wiki
(New page: == Timeline == This is only an approximate timeline. Dates are subject to change. * Oct. 2014 -- make release branch * Dec. 2014 -- final release == Code quality == * Additional KDC re...) |
|||
Line 20: | Line 20: | ||
* [[Projects/Trust KDC-local name resolution]] |
* [[Projects/Trust KDC-local name resolution]] |
||
+ | * [[Projects/Improve GSSAPI mechanism configuration]] |
||
+ | * [[Projects/LDAP SASL TLS support]] |
||
+ | * Hierarchical incremental propagation |
||
== Performance == |
== Performance == |
||
Line 25: | Line 28: | ||
== Protocol evolution == |
== Protocol evolution == |
||
+ | * [[Projects/HTTP Transport]] |
||
* Ticket flag to signal KDC support for resolving aliases |
* Ticket flag to signal KDC support for resolving aliases |
||
* Authorization data -- conditional on IETF consensus |
* Authorization data -- conditional on IETF consensus |
Revision as of 13:58, 26 November 2013
Contents
Timeline
This is only an approximate timeline. Dates are subject to change.
- Oct. 2014 -- make release branch
- Dec. 2014 -- final release
Code quality
- Additional KDC refactoring
Developer experience
End-user experience
- Reduce DNS-related difficulties with service principal names
- Config to disable client service principal canonicalization
Administrator experience
- Projects/Trust KDC-local name resolution
- Projects/Improve GSSAPI mechanism configuration
- Projects/LDAP SASL TLS support
- Hierarchical incremental propagation
Performance
Protocol evolution
- Projects/HTTP Transport
- Ticket flag to signal KDC support for resolving aliases
- Authorization data -- conditional on IETF consensus
- Authorization data container with multiple verifiers (CAMMAC)
- POSIX directory info in authorization data (PAD)
- Level of Assurance in authorization data
- Site-defined string-keyed claims in authorization data
- X.509 attributes in authorization data
- FAST preauth sets (e.g. OTP + long-term password)