Date: Thu, 16 Jun 94 05:20:47 EDT From: tytso@MIT.EDU (Theodore Ts'o) To: kerberos@MIT.EDU I am proud to announce the release of Kerberos V5 Beta 4. This release contains several new features, including: * Configure scripts built from autoconf, to eventually supplant the imake build system. * A kadmin server which speaks the Kerberos V4 admin protocol, but which modifies the V5 database. (For backwards compatibility; only lightly tested so far.) * A ksu client. * Updated GSSAPI code to follow changes in the evolving Internet draft. * The most recent version of telnet. * Fixed inter-realm handling so that it actually works * Updated documentation, including a significantly improved API manual. * Lots of miscellaneous bug fixes and improvements. IMPORTANT NOTE ============== Currently, all of the MIT implementations of the Kerberos protocol are not fully compliant with the Kerberos RFC. Specifically, we do not implement the DES w/ MD5 checksum which is required by the RFC; this was an oversight, where the RFC got updated but the code never did. This problem still exists in the Beta 4 release, although I expect to have this fixed in a patch release as soon as possible --- I didn't have time to have it fixed for this release. I believe that we can fix this with minimal compatibility impacts with previous versions; vendors contemplating shipment of this code as product should wait for the patch release or contact us for futher details. - Ted FTP Instructions: FTP to athena-dist.mit.edu, in /pub/kerberos. Get the file README.KRB5_BETA4. It will contain instructions on how to obtain the Beta 4 release. >> << >> Please report any problems/bugs/comments to 'krb5-bugs@athena.mit.edu' << >> << Appreciation Time!!!! There are far too many people to try to thank them all; many people have contributed to the development of Kerberos V5. This is only a partial listing.... Thanks to Mark Eichin at Cygnus for writing the new autoconf configuration system, for making the code much more portable, and for serving as pre-release testers. Thanks to Marc Horowitz, Barry Jaspan, and Jonathan Kamens (and others) at Openvision, Inc. for providing us with an GSS-API library, for serving as pre-release testers, and for finding and fixing many bugs (some of them at the last minute!). Thanks to Cybersafe (OCSG) for providing patches to fix bugs with inter-realm authentication. Thanks to Ari Medivnsky and Cliff Neumann for writing a ksu client. Thanks to Jim Miller from Suite Software for contributing many detailed bug reports, most of them by doing desk checks over the code! Thanks to Prasad Upasani from ISI for porting the Berkeley rlogin/rsh/rcp suite and for testing out our distribution on the Sun. Thanks to Glenn Machin and Bill Wrahe from Sandia National Labs for contributing the kadmin server, plus lots of bugfixes. Thanks to Bill Sommerfeld from HP for commenting on early Kerberos interface drafts, suggesting improvements in later coding interfaces, and finding and fixing many bugs. Thanks to Paul Borman from Cray for writing the Kerberos v4 to v5 glue layer and the Kerberos v5 subroutines for telnet. Thanks to Dan Bernstein, for providing the replay cache code. Thanks to the members of the Kerberos V5 development team at MIT, both past and present: Jay Berkenbilt, John Carr, Don Davis, Nancy Gilman, Barry Jaspan, John Kohl, Cliff Neuman, Jon Rochlis, Jeff Schiller, Ted Ts'o, Tom Yu. Note: Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, and Zephyr are trademarks of the Massachusetts Institute of Technology (MIT). No commercial use of these trademarks may be made without prior written permission of MIT. FYI, "commercial use" means use of a name in a product or other for-profit manner. It does NOT prevent a commercial firm from referring to the MIT trademarks in order to convey information (although in doing so, recognition of their trademark status should be given).