heimdal/TODO

-*- indented-text -*-

$Id$

* configure

automatically figure out if krb4 is installed

* appl

more programs here

** appl/popper

Implement RFC1731 and 1734, pop over GSS-API

** appl/test

should test more stuff

* doc

there's some room for improvement here.

* kdc

should the KDC use keytabs to store its keys?  Then it could use krb5_rd_req.

* kadmin

is in need of a major cleanup

* lib

** lib/asn1

prepend a prefix on all generated symbols

make asn1_compile use enum types where applicable

** lib/auth

PAM and afskauthlib

** lib/des

** lib/gssapi

process_context_token, display_status, add_cred, inquire_cred_by_mech,
export_sec_context, import_sec_context, inquire_names_for_mech, and
inquire_mechs_for_name not implemented.

only DES MAC MD5 and DES implemented.

minor_status is never set

init_sec_context: `initiator_cred_handle' and `time_req' ignored.

input channel bindings are not supported

delegation not implemented

anonymous credentials not implemented

** lib/hdb

fix locking

fix atomic rename of database

** lib/kadm5

add policies?

fix to use rpc?

** lib/krb5

the replay cache is, in its current state, not very useful

the following encryption types have been implemented: DES-CBC-CRC,
DES-CBC-MD4, DES-CBC-MD5, DES3-CBC-MD5, DES3-CBC-SHA1

supports the following checksums: CRC32, RSA-MD4, RSA-MD5,
RSA-MD4-DES, RSA-MD5-DES, RSA-MD5-DES3, SHA1, HMAC-SHA1-DES3

always generates a new subkey in an authenticator

should the sequence numbers be XORed?

fix pre-authentication with pa-afs3-salt

OTP?

** lib/roken

** lib/sl