Review of ending February 13, 2009

Sam Hartman hartmans at MIT.EDU
Thu Jan 29 12:43:08 EST 2009

>>>>> "Ken" == Ken Raeburn <raeburn at MIT.EDU> writes:

    Ken> On Jan 28, 2009, at 21:16, Tom Yu wrote:
    >> Please review the project

    Ken> I don't think "in the future, in a separate project, [we will
    Ken> make X set of changes]" should be a part of this project
    Ken> proposal.  Maybe you can mention in general terms what you
    Ken> anticipate will be done, but if you write what *will* be
    Ken> done, either you're proposing those changes for review now
    Ken> (and implementation later) and should provide a commensurate
    Ken> level of detail, or you're asserting that they'll be done,
    Ken> without review.  In this case, I don't think we should be
    Ken> getting into details of "permitted_enctypes" config option
    Ken> processing now.  You even say it's a separate project; if you
    Ken> want to review the details now, write it up as a separate
    Ken> project.

I'd be happy with rewording, but I do actually want to have a bit of a discussion and review now about what wwe want eventual interfaces to be here.

    Ken> There's no discussion of the impact on existing deployments
    Ken> when updating clients, servers, or KDCs, or what will or
    Ken> won't work if you don't set allow_weak_crypto=yes.  It will
    Ken> need to be well documented, both in our regular documentation
    Ken> (man pages, install and admin guides) and prominently in the
    Ken> release notes.

Right.  I think the impact needs to be discussed enough for us to
review the project and the project plan needs to include effort for
documentation.  i think shipping the code change without the
documentation changes would be confusing in this instance.

More information about the krbdev mailing list