--=-=-=
Content-Transfer-Encoding: quoted-printable


itojun@iijlab.net writes:

> 	after some more discussions:
> 	- we should disable kerberos-and-ssl stuff in openssl, as it is not
> 	  doing the right thing (-> some functions will go away)
> 	- des_xx -> DES_xx is okay from heimdal POV
> 	  (-> des_xx goes away, DES_xx will appear)
>
> 	so when we import 0.9.7, there'll be a shlib major # bump for libcrypto
> 	and libdes, and there'll be some changes to heimdal code for des stuff.

I think this require us to drop kerberos 4 support, both libs and tools
since its dependant on the old des_ api.

Current heimdal kinit support doing 524 and store the v4 credentials, this
solves the problem for the few people that still uses zephyr (and other v4
applications). So, there still be a sigle sign on.

AFS users can already today use libkafs that is compiled w/o v4 support, so
that shouldn't be a problem.

Maybe I'll add support so the kdc can service v4 requests (by inlining the
nesecery functions), but I'm not sure about this.

I'm fine with having kerberos 4 die now, and really, it should.

Love

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (NetBSD)

iQIVAwUAPxEznRZyDLTSep3UAQJFWhAAm7Lj+yu/S9mVgzZ7cx8uXuAaBh4dNXIC
0+qcCpNR+nV2Xm3enkqbX3dPe79OnlLoTNrXoKvKfqaMPxwcpUFmARDOaAe8vVIU
jwaS6YbNWVsPq3V5rvxNKMxw6HtpnMtjOzvmK5zUNVF0S5nIOceSil9gy3FrA8p/
GHj+nCbnaBGsSkn77c0/r+KKtmddeoZwJ9+DKyRtalt4Qv/ZgKhukijIcsXOAwDx
FM+Zd5S0EYhxppSilCLb+Kb+DG9+t3kHB/0l76rK48+0UXAw5e/LlFmpIldwAwO/
QmiGNhg4rfBUhTfaX511tRPaUn0n23VOZ5ERAH2MKkPQCLV3d0d6QMowDBMbu8PS
bheUsQkODLsQkpCeqPCn9rvTcZkTYEleq7Xnp8Jbkrei5n1MO3lHACIG84otLafs
lsaiagf0GrvCQ3ozDtgfdF9hy2JW9+sieW3KyzFABE9/ihCyxnrsJCgRD3vRVdNh
wiv8L8uUcpwfc0C9PReR9JsToQrWDKO+t0Jnj9/K/RX+3DSoDFz9Ll3RIC6MUMrF
AzUHS14b2fPFBrP7tj4llyZl2Lyn55YBDTWYwS2qtrumpjzfs5EwGqAhjzu2xspr
IRkNmbqJlS5AYX/NwiDF/ljG8RaliRmCJPFSO8daRucBi3ha2hgGPyv7KC/pm/Lo
3lEe8d33AA0=
=juJv
-----END PGP SIGNATURE-----
--=-=-=--