directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Li, Jiajia" <jiajia...@intel.com>
Subject RE: Status of Kerby
Date Mon, 18 Jan 2016 08:47:34 GMT
Hi all,

I thinks the following issues should be solved before release:
1. Clear Kerby source codes
2. Add the rc1 and rc2 apis docs under docs folder
3. Do some tests of anonymous pkinit, and refactor the code.

And some issues can be delayed and solved after RC2 release:
1. KDC is rejecting my TGS: The JIRA link: https://issues.apache.org/jira/browse/DIRKRB-472(Marc
reported:)
2. Remote kadmin
...

Do you have any to add or change? Thanks

Thanks
Jiajia

-----Original Message-----
From: Li, Jiajia [mailto:jiajia.li@intel.com] 
Sent: Thursday, December 31, 2015 3:40 PM
To: kerby@directory.apache.org
Subject: Status of Kerby

Hi all,

Sep 23, the first release 1.0.0-RC1 of Kerby was released.
>From Sep 23 to Dec 31, 82 JIRA issues were resolved, including following important features:

Features or important changes:
1.       PKINIT in DH case done;
2.       PKINIT in RSA case (75%);
3.       Finished token support;
4.       PKIX CMS/X509 support;
5.       Full BER encoding support;
6.       Separate Asn1 parser;
7.       Dump support for Asn1;
8.       Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs

JIRAs resolved:
1.      Fix tool's usage in windows
2.      Define transaction API for identity backend
3.      Enhance json backend to support transaction for reasonable efficiency
4.      Fix some log4j warnings and issues
5.      Adding ability to encrypt and sign using non-RSA keys
6.      Get the verify key for signed JWT token from kdc config and signed token in tests
7.      Token issuer must be trusted as one of preconfigured issuers.
8.      Add support for decrypting JWT tokens in the KDC
9.      kinit tool is enhanced to request a service ticket
10.   Fix KinitTool doesn't work to use keytab file
11.   Fix the bit manipulation functions in KrbFlags
12.   Enable assembly plugin to create tar.gz and zip packages for tool-dist
13.   Categorize KrbOptions by adding group info
14.   Refined asn1 APIs, getting rid of the questionable encoding option
15.   Allow to define explicit and implicit fields more easily for collection types
16.   Added enumerated type
17.   Support BER and indefinitive length encoding in ASN1
18.   Cryptographic Message Syntax (CMS) support
19.   X509 ASN1 types support
20.   Separate token client out of KrbClient
21.   Separate PKINIT client out of KrbClient
22.   Supporting Asn1Any type
23.   Supporting Asn1Choice type
24.   Introduced Asn1Constructed for support of some primitive types using constructed encoding
25.   Provide an ASN1 dumping tool for troubleshooting
26.   Dumping support for built-in ASN1 types and user defined types
27.   Providing an API to use some useful ASN1 functions by consolidating existing utilities
28.   Support decoding of primitive but constructed encoded types
29.   Separate ASN1 parser
30.   Introduced Asn1Converter to convert a parsing result into an ASN1 object
31.   Introduced Asn1Binder to bind a parse result to an existing ASN1 object
32.   Introduced Asn1Encodeable for encode/decode methods
33.   Support decoding of primitive but constructed encoded types
34.   Break down KrbOption into 4 ones: KrbOption, KrbKdcOption, TokenOption, PkinitOption
35.  Merge the anonymous pkinit feature from pkinit-branch
36.   Load configuration content when adding the resource.
37.   Enable kinit tool kdc flag options.
38.  Added the graphics for teh ASN1 hierarchy
39.   Add some javadocs

In process and plan to do:

1.       Clean up the JIRAs

2.       Update the Github website and the sub-project website

3.       Check the missing Javadoc for important APIs

4.       Do some tests for Kerby KDC and client tools in linux, windows, and macs

Note this is an important release with important features and quite a few of bug fixes according
to user requirement and feedbacks. When this release is done, the formal 1.0.0 release will
be much prepared and approaching soon.


Jiajia

Mime
View raw message