Date: Thu, 28 Feb 91 16:56:35 -0500
From: John T Kohl <jtkohl@MIT.EDU>
To: krbdev@MIT.EDU

0. next meeting is next Thursday, 7 Mar 1991, at 3pm in E40-316.

1. status reports:
	jtkohl:	worked on replay cache stuff for safe/priv msgs
		used mprof to clean up various memory leaks
		played with ISODE to fix some leaks & other problems.

	tytso: 	finished up API conversion to standardize on the return style.
		working on kdb_util dump/load (salt changes)
		thinking about realm "quality" stuff

	jfc:	still studying GSS interface, & considering user2user code
	jis:	has been playing with SPX
		will be at meeting about GSS
	jon:	()

2. GSS API stuff:  will be a meeting next Tuesday with DEC folks about
solidifying the GSS API code.  we're all invited.

3. build space is tight again; we can probably squeeze more out of
afsreq.

4. All files should eventually be converted to have the phrase "All
Rights Reserved" right after the Copyright line, and if you edit the file,
be sure that 1991 appears as one of the years in the copyright notice.
Also please remove all #include's of <krb5/copyright.h>.

5. alpha/beta testing issues.  we're not getting much in the way of
useful feedback from testers, so we won't add any more to those we
have now.  We are about ready for a general distribution beta-test.
We're waiting for:
	completion of principal salting stuff
	completion of subsession key stuff
	ISODE 6.8 test/update

6. discussion of subsession keys, key mixing, etc.  Opinion boils down
to this: mixing keys is sufficiently non-portable among encryption types
that we probably shouldn't provide an interface at the kerberos level.

For applications that care to use separate subsession keys for one/both
directions, the client side can have the mk_req_* routine select and
return one such key; the server can ask the mk_rep routine to select one
as well.

7. other random distribution questions:
	we should do some sort of code/protocol auditing, to increase
our confidence in the system.  discussion of where to draw the lines for
things considered security-critical (read-side routines, KDC, encryption
layers, maybe others?)

	discussion of beta-test rewards for those finding security bugs
in the library.


Action items:
	Jeff will talk to DEC about the export issues with SPX and what
they've done w.r.t. distributions

	Jeff will keep eyes/ears out for any "standardization" of
string2key algorithms.

	John K. will find a way to get DER out of ISODE 6.8.

	John C. will produce a user2user draft interface spec and
circulate it for review.