1.7 planning: MIT's Seed Projects

[Sam Hartman]

Code cleanup:

    * build on platforms commonly used  by developers with -Werror
    * Rewrite the replay cache for better performance and maintainability
    * Select an rpcgen and use that to generate rpc stubs for kadmin




set/change password:
    * IPv6 and NAT support
    * implement standards-track set/change password

plug-ins:
    * Integrate Novell GSS-API mechglue with plugin support
    This extends the contribution from Sun with the ability to load plugins.
    * authorization data

GSS:
    * Implement RFC 4402 (GSSAPI PRF)
    * Feed strings from krb5 contexts through GSS-API errors
      so for example you know which key is not found in a keytab

protocol:
    * integrate pkinit
    * extensible strategy for adding ASN.1 stuff to plugins

misc:
    * auxiliary APIs that go with cccursor, e.g., locking
    * jettison application subtree to third party maintainers

KDC:
    * support for opaque KDB handles

kadm5:
    * enhanced error messages
    * TCP based set/change password (server-side)

doc:
    * krb5 API doc
    * better doc of procedures, styles
    * patch contribution guidelines

KIM:
    * KIM versions of kinit, klist, etc.
    * Implement Kerberos Identity Management API per design

ccapi:
    * ccapi for unix
    * locking
    * copy to krb5 tree

testing:
    * LDAP
    * pkinit
    * kfm
    * review (excessively redundant) set of tests we're running

build:
    * cleanup allowing for single configure script

RPC:
    * IPv6