Proposal: Support for 32 bit version numbers in keytabs
Morrison, Wayne
wayne.morrison at hp.com
Thu Dec 2 14:26:22 EST 2004
>>How does this work with SEAM on Solaris or HP's Kerberos or any other
>>vendor?
>
>
> The short answer is - I do not know.
>
> If HP's kerberos is really based on MIT 1.2.2 release (according to one
> web site) - then they do not have the vno > 240 hacks - but the file
> reading code should be the same.
You have to be more specific about WHICH of HP's Kerberos implementations you're talking about. There are at least three, to my knowledge: HP-UX, Tru64, and OpenVMS. They're all different, and the only one that I can speak definitively on is OpenVMS. The currently shipping OpenVMS code is based on MIT Kerberos 1.2.6, with additional security fixes. A port of 1.3.x is underway. The HP-UX Kerberos documentation on their web site does appear to indicate that it's still based on 1.2.2. I've been unable to find similar information for Tru64 Kerberos.
As for a subsequent post asking about who's still using DCE, I can shed some light there as well. OpenVMS DCE, based on The Open Group's release 1.2.2, is still being used by a number of our customers, and is still being supported as of today. Last I knew, Entegrity (used to be Gradient) was still supporting DCE on other platforms as well. OK, I'll admit it... I used to be the DCE Project Leader for OpenVMS until a couple of years ago. :-)
Wayne Morrison
Kerberos & CDSA Project Leader
OpenVMS Engineering
More information about the krbdev
mailing list