1.7 planning: MIT's Seed Projects
Nicolas Williams
Nicolas.Williams at sun.com
Fri Jan 26 13:45:05 EST 2007
On Mon, Jan 22, 2007 at 02:30:30PM -0500, Sam Hartman wrote:
> Code cleanup:
>
> * build on platforms commonly used by developers with -Werror
Or add lint support? But that would complicate the makefiles a bit.
(And we don't need this -- we already have lint support in OpenSolaris'
krb5 sources.)
> * Rewrite the replay cache for better performance and maintainability
We did this already. Of course, the code is CDDLed...
> * Select an rpcgen and use that to generate rpc stubs for kadmin
IIRC there are bits of the kadmin protocol that cannot be expressed in
XDR.
> plug-ins:
> * Integrate Novell GSS-API mechglue with plugin support
> This extends the contribution from Sun with the ability to load plugins.
Er, Sun's contribution already had that, or did you mean something else?
But from what I hear Novell does have useful improvements to our
contribution.
> GSS:
> * Implement RFC 4402 (GSSAPI PRF)
> * Feed strings from krb5 contexts through GSS-API errors
> so for example you know which key is not found in a keytab
The only problem is leaking of error codes if you allocate them
dynamically, though there are ways to deal with this, but yes, do do
this please :)
> protocol:
> * integrate pkinit
> * extensible strategy for adding ASN.1 stuff to plugins
Note that some plugins may need other encodings than DER. E.g., the
PKINIT plugin. I imagine that such plugins need their own encoder.
> KDC:
> * support for opaque KDB handles
Multi-threading?
Nico
--
More information about the krbdev
mailing list