From: Jos Backus
To: Doug Rabson
Cc: bf1783@gmail.com, freebsd-security@freebsd.org, freebsd-current@freebsd.org, Garrett Wollman
Date: Mon, 7 Jun 2010 11:29:19 -0700
Subject: Re: Our aging base system heimdal
Message-ID: <20100607182919.GB25163@lizzy.catnook.local>
References: <19467.61790.690469.182207@hergotha.csail.mit.edu>
Reply-To: jos@catnook.com

On Mon, Jun 07, 2010 at 03:15:27PM +0100, Doug Rabson wrote:
> On 6 June 2010 21:09, Jos Backus wrote:
>
> > Any chance the kadmin protocol will ever be standardized?
> >
>
> My understanding is that the MIT kadmin protocol is based on GSS-API
> authenticated RPC which FreeBSD didn't support until recently. I added
> working RPCSEC_GSS to our userland RPC library in 2008 and it should be
> available in FreeBSD 8.x and later. In theory, if MIT actually document
> their protocol, it should be reasonably straightforward to support it. I
> doubt if I will be able to do the work either for this or for upgrading
> heimdal.

Thanks, Doug. It would be great if the Heimdal and MIT folks would cooperate
on this standardization/documentation effort, but perhaps it's not seen as a
priority.

--
Jos Backus
jos at catnook.com