logo_kerberos.gif

Release Meeting Minutes/2010-06-15

From K5Wiki
< Release Meeting Minutes
Revision as of 17:46, 18 June 2010 by TomYu (talk | contribs) (New page: Simo Sorce, Will Fiveash, Zhanna Tsitkova, Greg Hudson, Thomas Hardjono, Tom Yu ;Will: master key stash problems. LDAP? Creating a slave DB is hard because stash command wants an existin...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Simo Sorce, Will Fiveash, Zhanna Tsitkova, Greg Hudson, Thomas Hardjono, Tom Yu

Will
master key stash problems. LDAP? Creating a slave DB is hard because stash command wants an existing DB.

Simo mentions problems with SELinux, etc. where shared service principal but can't share rcache due to being in separate security domains. Some discussion about what would be needed to make an application replay-proof.

There's a possible Diffie-Hellman incompatibility in anonymous PKINIT. Tom will research and send mail to affected parties.

Greg
DAL cleanup... for plugin architecture, use individual functions?
Simo
no strong preference

Greg asks about some trace logging stuff. Tom prefers that there be a default trace log level (when activated) that allows debugging of the most common configuration issues, and optionally allow more verbosity for debugging code.

Zhanna
Keywords are not really useful. When a customer files a problem report, it's difficult for them to find out what keywords to use.