Tech Insider					     Technology and Trends


		     Kerberos V5 Mailing List Archives

Date: Thu, 28 Feb 91 16:56:35 -0500
From: John T Kohl <jtkohl@MIT.EDU>
To: krbdev@MIT.EDU

0. next meeting is next Thursday, 7 Mar 1991, at 3pm in E40-316.

1. status reports:
	jtkohl:	worked on replay cache stuff for safe/priv msgs
		used mprof to clean up various memory leaks
		played with ISODE to fix some leaks & other problems.

	tytso: 	finished up API conversion to standardize on the return style.
		working on kdb_util dump/load (salt changes)
		thinking about realm "quality" stuff

	jfc:	still studying GSS interface, & considering user2user code
	jis:	has been playing with SPX
		will be at meeting about GSS
	jon:	()

2. GSS API stuff:  will be a meeting next Tuesday with DEC folks about
solidifying the GSS API code.  we're all invited.

3. build space is tight again; we can probably squeeze more out of
afsreq.

4. All files should eventually be converted to have the phrase "All
Rights Reserved" right after the Copyright line, and if you edit the file,
be sure that 1991 appears as one of the years in the copyright notice.
Also please remove all #include's of <krb5/copyright.h>.

5. alpha/beta testing issues.  we're not getting much in the way of
useful feedback from testers, so we won't add any more to those we
have now.  We are about ready for a general distribution beta-test.
We're waiting for:
	completion of principal salting stuff
	completion of subsession key stuff
	ISODE 6.8 test/update

6. discussion of subsession keys, key mixing, etc.  Opinion boils down
that: mixing keys is sufficiently non-portable among encryption types
that we probably shouldn't provide an interface at the kerberos level.

For applications that care to use separate subsession keys for one/both
direction, the client side can have the mk_req_* routine select and
return one such key; the server can ask the mk_rep routine to select one
as well.

7. other random distribution questions:
	we should do some sort of code/protocol auditing, to increase
our confidence in the system.  discussion of where to draw the lines for
things considered security-critical (read-side routines, KDC, encryption
layers, maybe others?)

	discussion of beta-test rewards for those finding security bugs
in the library.


Action items:
	Jeff will talk to DEC about the export issues with SPX and what
they've done w.r.t. distributions

	Jeff will keep eyes/ears out for any "standardization" of
string2key algorithms.

	John K. will find a way to get DER out of ISODE 6.8.

	John C. will produce a user2user draft interface spec and
circulate it for review.

			        About USENET

USENET (Users’ Network) was a bulletin board shared among many computer
systems around the world. USENET was a logical network, sitting on top
of several physical networks, among them UUCP, BLICN, BERKNET, X.25, and
the ARPANET. Sites on USENET included many universities, private companies
and research organizations. See USENET Archives.

		       SCO Files Lawsuit Against IBM

March 7, 2003 - The SCO Group filed legal action against IBM in the State 
Court of Utah for trade secrets misappropriation, tortious interference, 
unfair competition and breach of contract. The complaint alleges that IBM 
made concentrated efforts to improperly destroy the economic value of 
UNIX, particularly UNIX on Intel, to benefit IBM's Linux services 
business. See SCO vs IBM.

The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or
research.

Electronic mail:			       WorldWideWeb:
   tech-insider@outlook.com			  http://tech-insider.org/