krb5-1.9-beta1 is available

[Tim Alsop]

Hi,

Is the RA SecurID support based on the SAM protocol, so that Kerberos password is still required ?
We have supported this for about 10 years in our KDC and find that most customers prefer a method which is not using Kerberos password, and hence the new RSA OTP draft is preferred. 
I am therefore wondering why a SAM based solution has been chosen ?

Thanks,
Tim

-----Original Message-----
From: krbdev-bounces at MIT.EDU [mailto:krbdev-bounces at MIT.EDU] On Behalf Of Tom Yu
Sent: 03 November 2010 19:12
To: krbdev at MIT.EDU
Subject: krb5-1.9-beta1 is available

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MIT krb5-1.9-beta1 is now available for download from

         http://web.mit.edu/kerberos/dist/testing.html

The main MIT Kerberos web page is

         http://web.mit.edu/kerberos/

Please send comments to the krbdev list.  The final release will probably occur in early December.  The README file contains a more extensive list of changes.

Major changes in 1.9
- --------------------

Code quality:

* Python-based testing framework
* DAL cleanup

Developer experience:

* NSS crypto back end
* PRNG modularity
* Fortuna-like PRNG

Performance:

* Account lockout performance improvements

Administrator experience:

* Trace logging
* Plugin interface for password sync
* Plugin interface for password quality checks
* Configuration file validator
* KDC support for SecurID preauthentication

Protocol evolution:

* IAKERB
* Camellia encryption (experimental; disabled by default) -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (SunOS)

iEYEARECAAYFAkzRtAsACgkQSO8fWy4vZo5SgQCeIzOx6Egj589tOEkyq1y1P4bg
FroAmwcEXWk8ebyOp7o7G0cKq1ZcJXIE
=9AAO
-----END PGP SIGNATURE-----
_______________________________________________
krbdev mailing list             krbdev at mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev