logo_kerberos.gif

Difference between revisions of "Release 1.11"

From K5Wiki
Jump to: navigation, search
(Code quality)
Line 13: Line 13:
 
== Developer experience ==
  
== Developer experience ==
   
* Use default keytab for gss_init_sec_context
 +
* Use default keytab for gss_init_sec_context when available
  +
* Importing and exporting of GSS creds (useful for async GSS proxy) -- expecting contribution
 
* Interposition for GSS mechglue
  
* Interposition for GSS mechglue
 
* Documentation consolidation
  
* Documentation consolidation
* gss_export_cred (useful for async GSS proxy) -- expecting contribution
  
   
 
== End-user experience ==
  
== End-user experience ==
Line 29: Line 28:
   
 
== Performance ==
  
== Performance ==
  +
  +
* Improve (or eliminate) KDC lookaside cache
   
 
== Protocol evolution ==
  
== Protocol evolution ==

Revision as of 19:48, 23 April 2012

Timeline

This is only an approximate timeline. Dates are subject to change.

  • Oct. 2012 -- make release branch
  • Dec. 2012 -- final release

Code quality

Developer experience

  • Use default keytab for gss_init_sec_context when available
  • Importing and exporting of GSS creds (useful for async GSS proxy) -- expecting contribution
  • Interposition for GSS mechglue
  • Documentation consolidation

End-user experience

  • Documentation consolidation

Administrator experience

Performance

  • Improve (or eliminate) KDC lookaside cache

Protocol evolution

  • Authorization data container with multiple verifiers
  • POSIX directory info in authorization data (PAD)
  • Level of Assurance in authorization data
  • Site-defined string-keyed claims in authorization data
  • X.509 attributes in authorization data
  • FAST preauth sets (e.g. OTP + long-term password)
Retrieved from "https://k5wiki.kerberos.org./wiki?title=Release_1.11&oldid=4602"