This is excellent! Will try to look over the doco soon.
Hi, Directory developers,
I moved an old page called "Security initiatives" from the Safehaus
Confluence site over to our Sandbox. Also, I updated that page to
reflect a suite of features I'd like to work on to improve our
usability as a realm controller. In particular, the current work in
the SASL branch is going to force us to deal with some aspects of user
management and Kerberos key provisioning. I don't think any of this
will be technically hard, but it will mean integrating a bunch of work
that hasn't been integrated before, such as LDAP, Kerberos, and some
of the great features in the core. The basic "todo" list is:
o Add SASL GSSAPI authentication to the LDAP protocol.
o Close the loop on Kerberos key provisioning - make it easier to get
keys into the directory and to get keys out.
o Centralize password management