Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tom Yu MIT Kerberos Consortium May 21, 2008

Published byLouisa Brooks Modified over 6 years ago

Similar presentations

Presentation on theme: "Tom Yu MIT Kerberos Consortium May 21, 2008"— Presentation transcript:

1 Tom Yu MIT Kerberos Consortium May 21, 2008
Update on MIT Kerberos Tom Yu MIT Kerberos Consortium May 21, 2008

2 Overview Kerberos Consortium Ongoing Changes Release Planning
May 21, 2008

3 Kerberos Consortium Launch event September 27, 2008
Executive Advisory Board Helps set priorities Apple, Google, MIT, Microsoft, Sun May 21, 2008

4 Ongoing Changes New community resources
Wiki for developers – k5wiki.kerberos.org Source browsers – OpenGrok, FishEye White papers, tutorials, best practices Coding style and code review guidelines More formal procedures May 21, 2008

5 Planning Process Used For full releases (krb5-x.y) Community input
Goals Ranking Estimates of work Highest-ranked goals assigned to developers based on resources available May 21, 2008

6 Original krb5-1.7 Goals Kerberos Identity Management (KIM) API
GSS-API enhanced error strings Unified Credentials Cache API (CCAPI) on Mac OS X and Windows Support for GSS-API mechanism glue (“mechglue”) plug-in modules Multi-threading support in KDC Logging all ticket requests Master key rollover May 21, 2008

7 Revised planning methodology
Understand needs, including time constraints More emphasis on end users Timelines focus on time-sensitive items Board members and Sponsors take priority Delay release if high-priority items not ready Defer less time-sensitive items if not ready May 21, 2008

8 Recurring Concerns Code quality Stability Operational issues
Incremental propagation Principal referrals Key rollover May 21, 2008

9 Improving Code Quality
Adopt standard coding practices Identify specific regions/patterns to improve Use Coverity, etc. Look for “hot spots” Legacy code risk – krb4 certainly is! May 21, 2008

10 Proposed New krb5-1.7 Goals
Incremental propagation support Removal of krb4 code Kerberos Identity Management (KIM) API Improved master key & service key rollover Enhanced GSS-API error messages Cross-platform CCAPI on Mac and Windows Improved client-side & KDC-side referrals Collision avoidance for replay cache Logging of all ticket requests May 21, 2008

11 Dropped or Deferred Multi-threaded KDC – security concerns
GSS-API “mechglue” plug-in support May 21, 2008

12 krb5-1.7 Release Status Rough timeline Daptiv PPM for project tracking
Branch around Sep. 2008 Release around Dec. 2008 Dates subject to change Daptiv PPM for project tracking Completed: CCAPI for Mac OS X and Windows GSS-API enhanced error messages May 21, 2008

Download ppt "Tom Yu MIT Kerberos Consortium May 21, 2008"

Similar presentations

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
By Frank Minichini IS 373 Kerberos. Introduction Kerberos is a network authentication protocol used to securely send and receive nodes in communication.

By Frank Minichini IS 373 Kerberos. Introduction Kerberos is a network authentication protocol used to securely send and receive nodes in communication.
KerberSim CMPT 495 Fall 2004 Jerry Frederick. Project Goals Become familiar with Kerberos flow Create a simple Kerberos simulation.

KerberSim CMPT 495 Fall 2004 Jerry Frederick. Project Goals Become familiar with Kerberos flow Create a simple Kerberos simulation.
TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series 2008 - WebSEAL SSO, Session 1 Presented by: Andrew Quap.

TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series WebSEAL SSO, Session 1 Presented by: Andrew Quap.
AFS & Kerberos Best Practices Workshop 2008 Design Goals Functions that require authentication Solution Space Kerberos, GSSAPI or SASL (Decide on your.

AFS & Kerberos Best Practices Workshop 2008 Design Goals Functions that require authentication Solution Space Kerberos, GSSAPI or SASL (Decide on your.
Www.kerberos.org © 2009 The MIT Kerberos Consortium. All Rights Reserved. Maintaining and Securing Kerberos Tom Yu MIT Kerberos Consortium March 30, 2009.

© 2009 The MIT Kerberos Consortium. All Rights Reserved. Maintaining and Securing Kerberos Tom Yu MIT Kerberos Consortium March 30, 2009.
Windows NT ® Single Sign On Cross Platform Applications (Part II) John Brezak Program Manager Windows NT Security Microsoft Corporation.

Windows NT ® Single Sign On Cross Platform Applications (Part II) John Brezak Program Manager Windows NT Security Microsoft Corporation.
Scaling NT To The Campus Integrating NT into the MIT Computing Environment Danilo Almeida, MIT.

Scaling NT To The Campus Integrating NT into the MIT Computing Environment Danilo Almeida, MIT.
Copyright 2002, USC/ISI. All rights reserved. Kerberos Clarifications and Extensions Status Dr. Clifford Neuman Center for Computer Systems Security Information.

Copyright 2002, USC/ISI. All rights reserved. Kerberos Clarifications and Extensions Status Dr. Clifford Neuman Center for Computer Systems Security Information.
Single Sign-On across Web Services Ernest Artiaga CERN - OpenLab Security Workshop – April 2004.

Single Sign-On across Web Services Ernest Artiaga CERN - OpenLab Security Workshop – April 2004.
Ideas for the SPDX™ WG 1. Onboarding New Participants SPDX™ WG need to have a plan for onboarding new participating companies. Example:  I am Company.

Ideas for the SPDX™ WG 1. Onboarding New Participants SPDX™ WG need to have a plan for onboarding new participating companies. Example:  I am Company.
Smart Calendar Chrome Extension v. 0.2.5 Dec. 28, 2010 Kyoungryol Kim 1.

Smart Calendar Chrome Extension v Dec. 28, 2010 Kyoungryol Kim 1.
Scrum Overview. Agenda What is scrum…and what it isn’t Scrum’s Characteristics The Scrum Process Scrum Phases Measurements Key Practices Backlogs Sprint.

Scrum Overview. Agenda What is scrum…and what it isn’t Scrum’s Characteristics The Scrum Process Scrum Phases Measurements Key Practices Backlogs Sprint.
DotNetNuke v4 Overview Stan Schultes Stan Schultes Enterprise architect / application developer Enterprise architect / application developer Conference.

DotNetNuke v4 Overview Stan Schultes Stan Schultes Enterprise architect / application developer Enterprise architect / application developer Conference.
Gaining Educational Users for GENI

Gaining Educational Users for GENI
DBM 265 Week 5 Learning Team Assignment Virtual Organization Project Proposal Paper and Presentation This paper is based on Smith Consulting Client Project.

DBM 265 Week 5 Learning Team Assignment Virtual Organization Project Proposal Paper and Presentation This paper is based on Smith Consulting Client Project.
Project Execution Methodology

Project Execution Methodology
HR Open Standards Consortium Overview

HR Open Standards Consortium Overview
Project Management.

Project Management.

Similar presentations

Ads by Google