aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZhanna Tsitkov <tsitkova@mit.edu>2014-02-14 16:17:47 -0500
committerTom Yu <tlyu@mit.edu>2015-12-16 14:16:39 -0500
commit2d8e53c94a02ccabcd4c6f8537ccd4bcefc6c0e8 (patch)
tree3e135b156b681116ae2dade8ed7b568761816219
parentcd94aef053bd5a153b4fbf76435864d843362b28 (diff)
downloadkrb5-2d8e53c94a02ccabcd4c6f8537ccd4bcefc6c0e8.zip
krb5-2d8e53c94a02ccabcd4c6f8537ccd4bcefc6c0e8.tar.gz
krb5-2d8e53c94a02ccabcd4c6f8537ccd4bcefc6c0e8.tar.bz2
Document 1.12 changes in MIT Kerberos Features doc
(cherry picked from commit 5489cb326bc5b13c9dcb0f76228cc964dd9fdb5d) ticket: 8328 (new) version_fixed: 1.12.5 status: resolved
Diffstat
-rw-r--r--doc/admin/otp.rst2
-rw-r--r--doc/appdev/gssapi.rst1
-rw-r--r--doc/mitK5features.rst16
3 files changed, 17 insertions, 2 deletions
diff --git a/doc/admin/otp.rst b/doc/admin/otp.rst
index 0abd5ff..4eded41 100644
--- a/doc/admin/otp.rst
+++ b/doc/admin/otp.rst
@@ -1,3 +1,5 @@
+.. _otp_preauth:
+
OTP Preauthentication
=====================
diff --git a/doc/appdev/gssapi.rst b/doc/appdev/gssapi.rst
index d79f87d..05e4059 100644
--- a/doc/appdev/gssapi.rst
+++ b/doc/appdev/gssapi.rst
@@ -420,6 +420,7 @@ pre-existing pointer and length for a modifiable region of data)::
/* Decrypted data is in iov[1].buffer, pointing to a subregion of
* token. */
+.. _gssapi_mic_token:
IOV MIC tokens
--------------
diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
index fa1ec7e..63cd467 100644
--- a/doc/mitK5features.rst
+++ b/doc/mitK5features.rst
@@ -19,8 +19,8 @@ Quick facts
License - :ref:`mitK5license`
Releases:
- - Latest stable: http://web.mit.edu/kerberos/krb5-1.11/
- - Supported: http://web.mit.edu/kerberos/krb5-1.10/
+ - Latest stable: http://web.mit.edu/kerberos/krb5-1.12/
+ - Supported: http://web.mit.edu/kerberos/krb5-1.11/
- Release cycle: 9 -- 12 months
Supported platforms \/ OS distributions:
@@ -130,6 +130,17 @@ Release 1.11
- GSS-API extensions for credential locations
- Responder mechanism
+Release 1.12
+ - Plugin to control krb5_aname_to_localname and krb5_kuserok behavior :ref:`localauth_plugin`
+ - Plugin to control hostname-to-realm mappings and the default realm :ref:`hostrealm_plugin`
+ - GSSAPI extensions for constructing MIC tokens using IOV lists :ref:`gssapi_mic_token`
+ - Principal may refer to nonexistent policies `Policy Refcount project <http://k5wiki.kerberos.org/wiki/Projects/Policy_refcount_elimination>`_
+ - Support for having no long-term keys for a principal `Principals Without Keys project <http://k5wiki.kerberos.org/wiki/Projects/Principals_without_keys>`_
+ - Collection support to the KEYRING credential cache type on Linux :ref:`ccache_definition`
+ - FAST OTP preauthentication module for the KDC which uses RADIUS to validate OTP token values :ref:`otp_preauth`
+ - Experimental Audit plugin for KDC processing `Audit project <http://k5wiki.kerberos.org/wiki/Projects/Audit>`_
+
+
`Pre-authentication mechanisms`
- PW-SALT :rfc:`4120#section-5.2.7.3`
@@ -140,6 +151,7 @@ Release 1.11
- PKINIT :rfc:`4556`
- FX-COOKIE :rfc:`6113#section-5.2`
- S4U-X509-USER (release 1.8) http://msdn.microsoft.com/en-us/library/cc246091
+- OTP (release 1.12) :ref:`otp_preauth`
`PRNG`
generated by cgit v1.1 at 2024-08-15 02:57:34 +0000