Replacing master/slave terminology

Greg Hudson ghudson at mit.edu
Wed Jun 10 17:03:44 EDT 2020


On 6/10/20 3:48 PM, Nate Coraor wrote:
> I'd like to propose that an effort be made to replace master/slave
> terminology in MIT and Heimdal implementations at some future milestone.

MIT krb5 switched to using "replica" for non-primary KDCs as of release
1.17.  This was an easy change technically, as the old term was only
used in a user-visible way in documentation and in the name of one
profile relation.  The pull request for that change was here:
https://github.com/krb5/krb5/pull/851

Replacing the term "master" is a larger technical challenge.  We use
that term in a DNS SRV record label (_master_kdc), and migrating that
would come with a cost in network traffic and latency.  Aside from the
kprop architecture, we also use the term "master key" to describe the
key used to encrypt long-term keys in the KDC database.

I have rationalized to myself that the term "master" is the less
problematic of the two terms, as it is used in a lot of different
contexts (such as physical master keys, martial arts masters, master
plumbers, and master recordings of records).  But I don't know if that
rationalization is adequate; from recent discussion I know that git's
use of "master" for the initial default branch name has become a point
of contention.


More information about the Kerberos mailing list