Presentation is loading. Please wait.

Presentation is loading. Please wait.

Heimdal Status Report Jeffrey Altman 26 March 2014.

Published byRandall Walsh Modified over 9 years ago

Similar presentations

Presentation on theme: "Heimdal Status Report Jeffrey Altman 26 March 2014."— Presentation transcript:

1 Heimdal Status Report Jeffrey Altman 26 March 2014

2 State of the Project 34 contributors in last 12 months 34 contributors in last 12 months –Most in history of the project 127% year over year increase in commits 127% year over year increase in commits Average age of the committers is increasing Average age of the committers is increasing

3 Heimdal 1.5 Last release 1.5.3; tagged Dec 2012 Last release 1.5.3; tagged Dec 2012 42 patches applied to heimdal-1-5- branch since 42 patches applied to heimdal-1-5- branch since Most important for this audience Most important for this audience –DES exception for AFS service principals –Session key selection changes necessary for rxkad-k5 to work

4 1.6 is a Major Release New Features New Features Improvements Improvements Bug Fixes Bug Fixes Security Fixes Security Fixes Windows Updates Windows Updates

5 Features FAST (RFC 6113) FAST (RFC 6113) HDB password history HDB password history Cross-realm key rollover safety Cross-realm key rollover safety LDAP StartTLS LDAP StartTLS DIR cred cache DIR cred cache MIT/Heimdal KDB/HDB migration functionality MIT/Heimdal KDB/HDB migration functionality

6 Improvements  FILE cred cache improvements  interop bugs (gss_pseudo_random())  New plugin interface model  kinit improvements  Kx509 configuration options

7 Bug Fixes KDC 1DES session key selection KDC 1DES session key selection –AFS rxkad-k5 compatibility Keytab file descriptor / lock leaks Keytab file descriptor / lock leaks FILE cred cache corruption bugs FILE cred cache corruption bugs GSS PRF+ interop bug GSS PRF+ interop bug TGS client requests failed to ask for renewable, forwardable, proxiable TGS client requests failed to ask for renewable, forwardable, proxiable KDC handling of enterprise principals KDC handling of enterprise principals

8 Security Fixes kx509 realm-chopping security bug kx509 realm-chopping security bug

9 Windows Redesign of Side by Side Assembly Redesign of Side by Side Assembly –Plugins must be part of the assembly –Otherwise, internal DLL Version conflicts Public SDK Public SDK –Merge Modules available for third party integration kadmin client provided kadmin client provided MIT KFW 3.2 shim libraries MIT KFW 3.2 shim libraries

10 What is Missing? libkafs supports neither rxkad-k5 nor rxkad-prf libkafs supports neither rxkad-k5 nor rxkad-prf No FAST OTP implementation No FAST OTP implementation

11 HEIMDAL STATUS REPORT 2014 EAKC

Download ppt "Heimdal Status Report Jeffrey Altman 26 March 2014."

Similar presentations

1 IST 410/420 Software Version Control 2 DevelopmentIntegration Test System Test User Acceptance Testing ProductionArchive DEVELOPMENTUSERS - Developers.

1 IST 410/420 Software Version Control 2 DevelopmentIntegration Test System Test User Acceptance Testing ProductionArchive DEVELOPMENTUSERS - Developers.
Kerberos 5 at DESY Andreas Haupt Wolfgang Friebel.

Kerberos 5 at DESY Andreas Haupt Wolfgang Friebel.
Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
SCSC 455 Computer Security

SCSC 455 Computer Security
Branching, Switching and tagging Francesco Furfari CNR-ISTI Italy.

Branching, Switching and tagging Francesco Furfari CNR-ISTI Italy.
Warren Jones, Fluke Co., Eugene Kramer, Remedy Co. Introduction to CVS 1999 Concurrent Versions System Overview of CVS architecture. Repository structure.

Warren Jones, Fluke Co., Eugene Kramer, Remedy Co. Introduction to CVS 1999 Concurrent Versions System Overview of CVS architecture. Repository structure.
Windows Server 2008 Kerberos Michiko Short Program Manager Microsoft Corporation.

Windows Server 2008 Kerberos Michiko Short Program Manager Microsoft Corporation.
Windows 2000 Kerberos Interoperability Paul Hill Co-Leader, Kerberos Development Team MIT John Brezak Program Manager Windows 2000 Security Microsoft.

Windows 2000 Kerberos Interoperability Paul Hill Co-Leader, Kerberos Development Team MIT John Brezak Program Manager Windows 2000 Security Microsoft.
James Johnson. What is it?  A system of authenticating securely over open networks  Developed by MIT in 1983  Based on Needham-Schroeder Extended to.

James Johnson. What is it?  A system of authenticating securely over open networks  Developed by MIT in 1983  Based on Needham-Schroeder Extended to.
Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.

Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.
WIN.MIT.EDU  Where are we today  Related services  Current enhancements  Some future enhancements  SharePoint  Panel Discussion.

WIN.MIT.EDU  Where are we today  Related services  Current enhancements  Some future enhancements  SharePoint  Panel Discussion.
Revision Control Systems Amin Tootoonchian Kian Mirjalali.

Revision Control Systems Amin Tootoonchian Kian Mirjalali.
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Version Control What it is and why you want it. What is Version Control? A system that manages changes to documents, files, or any other stored information.

Version Control What it is and why you want it. What is Version Control? A system that manages changes to documents, files, or any other stored information.
ACCESS CONTROL MANAGEMENT Project Progress (as of March 3) By: Poonam Gupta Sowmya Sugumaran.

ACCESS CONTROL MANAGEMENT Project Progress (as of March 3) By: Poonam Gupta Sowmya Sugumaran.
1 SVN – Tool for Version Control Talal Ahmed (05030094) Ali Ahsan (05030102) Adil Zia Khan (06030004) Farid Ullah (06030021)

1 SVN – Tool for Version Control Talal Ahmed ( ) Ali Ahsan ( ) Adil Zia Khan ( ) Farid Ullah ( )
Kerberos: A Network Authentication Tool Seth Orr University of Missouri – St. Louis CS 5780 System Administration.

Kerberos: A Network Authentication Tool Seth Orr University of Missouri – St. Louis CS 5780 System Administration.
Keberos

Keberos
By Steven Campbell and Erik Boone.  Sharing projects by putting them into a central repository.  Checking out copies of projects from the repository.

By Steven Campbell and Erik Boone.  Sharing projects by putting them into a central repository.  Checking out copies of projects from the repository.
TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series 2008 - WebSEAL SSO, Session 1 Presented by: Andrew Quap.

TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series WebSEAL SSO, Session 1 Presented by: Andrew Quap.

Similar presentations

Ads by Google