On 9/23/07, Enrique Rodriguez <enriquer9@gmail.com> wrote:
On 9/22/07, Alex Karasulu <akarasulu@apache.org> wrote:
> IMO if you have some time you might want to start work on some developer
> documentation
> on DNS as well as a user's guide so we can attract more committers while
> answering user
> questions around DNS.
> ...

Point taken.  I will prioritize this higher than new features, such as
PKINIT or StartTLS.

StartTLS is fine for you to work on since we can support that code - the code already
exists anyway and just needs a clean up and placement into the project. 

The problem lies in code bases which we cannot support as a team and
that's the whole point to this.  So don't get the wrong idea that people
don't want you to add new things.  It's just we don't want you to add new
things that we cannot support as a team. 

Let's not sway onto the opposite end of the spectrum either. 

> ...
> Secondly with respect to technical matters how does this impact what we have
> in Triplesec
> with HOTP?  Is this another SAM type for the kerberos server which uses the
> class loading
> scheme we already have in place for verifiers?

My plan is to make pre-auth verifiers "pluggable" in the same way that
core Authenticators can be configured via Spring XML.  I am committed
to supporting Triplesec such that the HOTP verifier works after this
configuration change.  Though, since last I checked, Triplesec builds
against a 1.0, this is moot until Triplesec moves to the next stable
branch.

I think Christine made it build now with 1.5 just recently.

Alex