svn rev #23587: trunk/ doc/ src/

tlyu@MIT.EDU tlyu at MIT.EDU
Mon Jan 4 23:37:07 EST 2010 

http://src.mit.edu/fisheye/changelog/krb5/?cs=23587
Commit By: tlyu
Log Message:
README, copyright, patchlevel for krb5-1.8 branch


Changed Files:
U   trunk/README
U   trunk/doc/copyright.texinfo
U   trunk/src/patchlevel.h
Modified: trunk/README
===================================================================
--- trunk/README	2010-01-05 02:47:58 UTC (rev 23586)
+++ trunk/README	2010-01-05 04:37:07 UTC (rev 23587)
@@ -1,4 +1,4 @@
-                   Kerberos Version 5, Release 1.7
+                   Kerberos Version 5, Release 1.8
 
                             Release Notes
                         The MIT Kerberos Team
@@ -7,20 +7,20 @@
 ---------------------------------
 
 The source distribution of Kerberos 5 comes in a gzipped tarfile,
-krb5-1.7.tar.gz.  Instructions on how to extract the entire
+krb5-1.8.tar.gz.  Instructions on how to extract the entire
 distribution follow.
 
 If you have the GNU tar program and gzip installed, you can simply do:
 
-        gtar zxpf krb5-1.7.tar.gz
+        gtar zxpf krb5-1.8.tar.gz
 
 If you don't have GNU tar, you will need to get the FSF gzip
 distribution and use gzcat:
 
-        gzcat krb5-1.7.tar.gz | tar xpf -
+        gzcat krb5-1.8.tar.gz | tar xpf -
 
-Both of these methods will extract the sources into krb5-1.7/src and
-the documentation into krb5-1.7/doc.
+Both of these methods will extract the sources into krb5-1.8/src and
+the documentation into krb5-1.8/doc.
 
 Building and Installing Kerberos 5
 ----------------------------------
@@ -63,61 +63,21 @@
 --------------
 
 The Data Encryption Standard (DES) is widely recognized as weak.  The
-krb5-1.7 release will contain measures to encourage sites to migrate
-away from using single-DES cryptosystems.  Among these is a
-configuration variable that enables "weak" enctypes, but will default
-to "false" in the future.  Depending on the outcome of ongoing
-discussion on krbdev at mit.edu, this default could change prior to the
-final release of krb5-1.7.
+krb5-1.7 release contains measures to encourage sites to migrate away
+from using single-DES cryptosystems.  Among these is a configuration
+variable that enables "weak" enctypes, which defaults to "false"
+beginning with krb5-1.8.
 
-Additional measures to ease the transition away from DES are planned
-for the final krb5-1.7 release.
-
-Major changes in 1.7
+Major changes in 1.8
 --------------------
 
-* Remove support for version 4 of the Kerberos protocol (krb4).
+krb5-1.8 changes by ticket ID
+-----------------------------
 
-* New libdefaults configuration variable "allow_weak_crypto".  NOTE:
-  Currently defaults to "false", but may default to "true" in a future
-  release.  Setting this variable to "false" will have the effect of
-  removing weak enctypes (currently defined to be all single-DES
-  enctypes) from permitted_enctypes, default_tkt_enctypes, and
-  default_tgs_enctypes.
-
-* Client library now follows client principal referrals, for
-  compatibility with Windows.
-
-* KDC can issue realm referrals for service principals based on domain
-  names.
-
-* Encryption algorithm negotiation (RFC 4537).
-
-* In the replay cache, use a hash over the complete ciphertext to
-  avoid false-positive replay indications.
-
-* Microsoft GSS_WrapEX, implemented using the gss_iov API, which is
-  similar to the equivalent SSPI functionality.
-
-* DCE RPC, including three-leg GSS context setup and unencapsulated
-  GSS tokens.
-
-* NTLM recognition support in GSS-API, to facilitate dropping in an
-  NTLM implementation.
-
-* KDC support for principal aliases, if the back end supports them.
-
-* Microsoft set/change password (RFC 3244) protocol in kadmind.
-
-* Master key rollover support.
-
-Changes by ticket ID
---------------------
-
 Copyright and Other Legal Notices
 ---------------------------------
 
-Copyright (C) 1985-2009 by the Massachusetts Institute of Technology.
+Copyright (C) 1985-2010 by the Massachusetts Institute of Technology.
 
 All rights reserved.
 
@@ -664,18 +624,9 @@
 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-Acknowledgements
-----------------
+Acknowledgements for krb5-1.8
+-----------------------------
 
-Thanks to Red Hat for donating the pre-authentication plug-in
-framework.
-
-Thanks to Novell for donating the KDB abstraction layer and the LDAP
-database plug-in.
-
-Thanks to Sun Microsystems for donating their implementations of
-mechglue, SPNEGO, and incremental propagation.
-
 Thanks to the members of the Kerberos V5 development team at MIT, both
 past and present: Danilo Almeida, Jeffrey Altman, Justin Anderson,
 Richard Basch, Jay Berkenbilt, Mitch Berger, Andrew Boardman, Joe

Modified: trunk/doc/copyright.texinfo
===================================================================
--- trunk/doc/copyright.texinfo	2010-01-05 02:47:58 UTC (rev 23586)
+++ trunk/doc/copyright.texinfo	2010-01-05 04:37:07 UTC (rev 23587)
@@ -1,4 +1,4 @@
-Copyright @copyright{} 1985-2008 by the Massachusetts Institute of Technology.
+Copyright @copyright{} 1985-2010 by the Massachusetts Institute of Technology.
 
 @quotation
 Export of software employing encryption from the United States of

Modified: trunk/src/patchlevel.h
===================================================================
--- trunk/src/patchlevel.h	2010-01-05 02:47:58 UTC (rev 23586)
+++ trunk/src/patchlevel.h	2010-01-05 04:37:07 UTC (rev 23587)
@@ -51,8 +51,8 @@
  * organization.
  */
 #define KRB5_MAJOR_RELEASE 1
-#define KRB5_MINOR_RELEASE 7
+#define KRB5_MINOR_RELEASE 8
 #define KRB5_PATCHLEVEL 0
 #define KRB5_RELTAIL "prerelease"
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "trunk"
+#define KRB5_RELTAG "branches/krb5-1-8"

More information about the cvs-krb5 mailing list