Difference between revisions of "Roadmap (completed items)"
From K5Wiki
(New page: These roadmap items have been completed. This is not an exhaustive list. Items will remain here until they have been cross-checked as being listed in the relevant release notes, at w...) |
|||
| Line 16: | Line 16: | ||
* Move toward test-driven development |
* Move toward test-driven development |
||
** Python-based test framework (1.9) |
** Python-based test framework (1.9) |
||
| + | * Selective refactoring |
||
| + | ** KDC (1.9) |
||
== Developer experience == |
== Developer experience == |
||
| Line 24: | Line 26: | ||
** Performance optimizations (caching, etc.) |
** Performance optimizations (caching, etc.) |
||
** New API design for [[Projects/Encryption performance|encryption performance]] (1.8) |
** New API design for [[Projects/Encryption performance|encryption performance]] (1.8) |
||
| + | ** NSS back end (1.9) |
||
* "The Great Reindent" (1.8) |
* "The Great Reindent" (1.8) |
||
* Plugins |
* Plugins |
||
| Line 35: | Line 38: | ||
* Referrals (1.7) |
* Referrals (1.7) |
||
* Localization (1.10) |
* Localization (1.10) |
||
| + | * Credential management |
||
| + | ** DIR ccache type, .k5identity, etc. |
||
| + | ** KCM ccache type |
||
| + | * Identity management |
||
== Administrator experience == |
== Administrator experience == |
||
Latest revision as of 15:21, 31 August 2015
These roadmap items have been completed. This is not an exhaustive list. Items will remain here until they have been cross-checked as being listed in the relevant release notes, at which time they will be removed.
Contents
Code quality
- Remove krb4 (1.7)
- Move applications to separate distribution (1.8)
- Use safer library functions
- Avoids false positives
- Avoids need to (probably manually) evaluate "unsafe" calls
- Stop using strcpy, strcat, sprintf, etc.
- Mostly done
- New internal APIs for complex operations
- Reduce commitment to "difficult" platforms
- See supported platforms
- Focuses resources more effectively
- Move toward test-driven development
- Python-based test framework (1.9)
- Selective refactoring
- KDC (1.9)
Developer experience
- GSS-API mechglue changes to enable NTLM support (1.7)
- Crypto modularity (1.8)
- Native (accelerated) crypto API support
- Performance optimizations (caching, etc.)
- New API design for encryption performance (1.8)
- NSS back end (1.9)
- "The Great Reindent" (1.8)
- Plugins
- PRNG (1.9)
- Profile / configuration (1.10)
- Subsets
- GSS-API: separate context establishment from message protection functions, e.g. Solaris user/kernel space split (1.10)
End-user experience
- Referrals (1.7)
- Localization (1.10)
- Credential management
- DIR ccache type, .k5identity, etc.
- KCM ccache type
- Identity management
Administrator experience
- Incremental propagation (1.7)
- Master key rollover (1.7)
- Auditing support (log all ticket requests) (1.7)
- Disable DES by default (1.8)
- Add more versatile facilities for configuring cryptosystems (1.8)
- Lockout for repeated login failures (1.8)
- Implement LHA/Apple proposal to store config information in ccache to signal when a realm supports referrals and thus the future capability to eschew reverse DNS resolution (1.8)
- Trace logging for easier troubleshooting (1.9)
- Plugins for password quality checks (1.9)
- Plugins for password synchronization (1.9)
- Print enctypes using the "input form" string (1.9)
Performance
- New crypto API (1.8) facilitates optimizations
- Replay cache ("rcache")
- Collision avoidance (1.7)
- Disable replay cache on KDC (1.9)
Protocol evolution
- Encryption algorithm negotiation (1.7)
- Microsoft Kerberos extensions (1.7)
- Improved PKINIT support (1.7)
- Anonymous PKINIT (1.8)
- FAST (done in 1.7 for a subset; IETF)
- FAST negotiation (1.8)
- IAKERB (1.9)
- Camellia (1.9)
