Upcoming KfW 3.x ??

[Jeff Blaine]

>> I'd love to be a tester, but unfortunately I need to run the
>> version our users have in order to troubleshoot things.
> Without being a tester, you won't be able to ensure that the next
> release works
> the way you want it to in your environment.   Unless you are providing
> funding or
> some in-kind assistance in the development, why should I spend my time
> answering
> your e-mails when you have trouble?

I guess you shouldn't (?)

Perhaps you could explain Secure Endpoints' role in KFW
development?  Last I heard from a link on your website,
MIT was hiring a full-time developer for KFW.  Did that
not happen?

If I install NIMv2 and report in detail on what I find in
our environment, does that give me credits to use?

>> Aside, is there a reason for the 2-step credential obtaining
>> process where the account is 'checked' then one is given a
>> password text entry field?  It's clunky to interact with.
> In NIM v1.x the account's existence is verified before prompting for a
> password in
> order to protect against users that typo the username or realm and
> created an
> identity in the database that in fact does not exist.
>
> In NIM v2, identities are created by a wizard that walks the user
> through the
> configuration of all applicable credential providers.  After the
> identity is created
> the user simply selects one of the pre-configured ones instead of manually
> typing the username and realm each time.   This change is both to
> improve usability
> but also to permit NIM v2 to be used with X.509 and Keystore identities in
> addition to Kerberos v5.

Great.

>> Another aside, what release will have krb4 cred obtaining
>> disabled by default?
>
> Any release you want.  As I have said before, you can use a transform to
> configure
> the MSI installer to disable Kerberos v4.   You can do this today

I am asking when the decision might be made to turn it off by
default in the master distribution, of course.  I already saw
and read your previous response.