directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Li, Jiajia" <>
Subject Apache Kerby 1.0.0-RC2 Release Note
Date Fri, 11 Mar 2016 01:29:14 GMT

105 JIRA issues were resolved and with the following Features and important changes since

1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous credentials without
authenticating as any particular principal.
2. PKINIT in RSA case (75%).
3. Finished token support:
    a. Add ability to encrypt and sign using non-RSA keys;
    b. Get the verify key for signed JWT token from kdc config;
    c. Token issuer must be trusted as one of preconfigured issuers;
    d. Add support for decrypting JWT tokens in the KDC.
4. PKIX CMS/X509 support.
5. Full BER encoding support.
6. Improved the ASN1 framework:
    a. Separate Asn1 parser;
    b. Support decoding of primitive but constructed encoded types;
    c. Allow to define explicit and implicit fields more easily for collection types;
  d. Providing an API to use some useful ASN1 functions by consolidating existing utilities

7. Dump support for Asn1.
    a. provide an ASN1 dumping tool for troubleshooting
    b. Including built-in ASN1 types and user defined types.
8. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.

View raw message