Proposal: Support for 32 bit version numbers in keytabs

Morrison, Wayne wayne.morrison at
Thu Dec 2 14:26:22 EST 2004

>>How does this work with SEAM on Solaris or HP's Kerberos or any other
> The short answer is - I do not know.
> If HP's kerberos is really based on MIT 1.2.2 release (according to one
> web site) - then they do not have the vno > 240 hacks - but the file
> reading code should be the same.

You have to be more specific about WHICH of HP's Kerberos implementations you're talking about.  There are at least three, to my knowledge:  HP-UX, Tru64, and OpenVMS.  They're all different, and the only one that I can speak definitively on is OpenVMS.  The currently shipping OpenVMS code is based on MIT Kerberos 1.2.6, with additional security fixes.  A port of 1.3.x is underway.  The HP-UX Kerberos documentation on their web site does appear to indicate that it's still based on 1.2.2.  I've been unable to find similar information for Tru64 Kerberos.

As for a subsequent post asking about who's still using DCE, I can shed some light there as well.  OpenVMS DCE, based on The Open Group's release 1.2.2, is still being used by a number of our customers, and is still being supported as of today.  Last I knew, Entegrity (used to be Gradient) was still supporting DCE on other platforms as well.  OK, I'll admit it... I used to be the DCE Project Leader for OpenVMS until a couple of years ago.  :-)

	Wayne Morrison
	Kerberos & CDSA Project Leader
	OpenVMS Engineering

More information about the krbdev mailing list