Project review: principals without keys
Greg Hudson
ghudson at MIT.EDU
Wed Jul 10 13:06:37 EDT 2013
I have implemented kadmin support for making principal entries with no
keys, mainly so that we have a simple way to disable encrypted timestamp
and challenge for a principal. The project page and candidate
implementation are at:
http://k5wiki.kerberos.org/wiki/Projects/Principals_without_keys
https://github.com/greghudson/krb5/commits/nokey
There are a few different design options, which were discussed on IRC
and are reflected in the project page.
Comments are appreciated. Barring objections, I expect to push the
implementation to master later this week.
More information about the krbdev
mailing list