Difference between revisions of "Release Meeting Minutes/2011-11-22"
From K5Wiki
(New page: Will Fiveash, Carlos Garay, Thomas Hardjono, Sam Hartman, Greg Hudson, Simo Sorce, Zhanna Tsitkova, Tom Yu ;Simo: Bug in directory server. 2 threads using same ccache at same time. ;Greg:...) |
(No difference)
|
Revision as of 19:30, 28 November 2011
Will Fiveash, Carlos Garay, Thomas Hardjono, Sam Hartman, Greg Hudson, Simo Sorce, Zhanna Tsitkova, Tom Yu
- Simo
- Bug in directory server. 2 threads using same ccache at same time.
- Greg
- Need to use separate krb contexts. There might be some bugs.
- Simo
- Cross-realm trust with windows. Trying to validate PAC. Failing. Signature always fails to validate.
- Sam
- Greg, MD5 checksum bug we found at interop?
- Greg
- Is it using AES256 keys?
- Simo
- Don't know key types.
- Greg
- PACs always use HMAC-MD5 for all enctypes. Length issue. Fixed on trunk. Might not be pulled up yet.
- Sam
- SSSD ported to use new preauth interface?
- Simo
- Not yet.
- Sam
- Will have to open bug on Debian's SSSD about it becoming completely broken on krb5 update....
- Simo
- Only using KDC location plugin.
- Greg
- Working on OTP encoders based on Linus code. Want some way to text. Maybe PyASN1.
- Sam
- Might be better to use a tool that reads the actual ASN.1 notation in the RFC.
- Tom
- There are historical artifacts due to students misreading ASN.1.
- Greg
- 2**31 nonce.
- Sam
- Issue written up by Ken. (KRB-SAFE/KRB-PRIV have weird interop issues) [krbdev.mit.edu #3196]
- Sam
- IETF. Need some focused work on general PAC. Maybe January-ish virtual meeting. (a WG session)
Thomas will get scheduled. 2nd week of January?
- Sam
- DHCP6. Unfortunately the AD has bounced it as unreadable. Steve Farrell cares about editorial quality.
- Tom
- Proposed some AD types.
- Sam
- Positive response.
- Tom
- Levels of Assurance -- verbose URNs. How about OIDs?
- Sam
- Maybe add a column to the registry.
- Tom
- 1.10 release. issues?
- Greg
- OTP encoders in. Probably shouldn't impact schedule.
- Sam
- Revised FAST PKINIT; will commit soon. Typed data ordering.
- Greg
- Made pkinit look at all padata.
- Sam
- Windows -- signed builds? Project management updates. Cloase to alpha1 for KfW. Could set things up to pull entire built tree and run special target to sign. 3 phases: build, sign, copy back, copy installer...
- Sam
- Maybe broke existing versions of KfW. Probably find and remove old versions before installing.