Project review: principals without keys

Greg Hudson ghudson at MIT.EDU
Wed Jul 10 13:06:37 EDT 2013

I have implemented kadmin support for making principal entries with no
keys, mainly so that we have a simple way to disable encrypted timestamp
and challenge for a principal.  The project page and candidate
implementation are at:

There are a few different design options, which were discussed on IRC
and are reflected in the project page.

Comments are appreciated.  Barring objections, I expect to push the
implementation to master later this week.

More information about the krbdev mailing list