[6037] in Kerberos
Re: WHEN?
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Oct 23 03:22:57 1995
To: "Doug Engert" <DEEngert@anl.gov>
Cc: <KERBEROS@MIT.EDU>, <HARTMANS@MIT.EDU>, <AUTHTF@ES.NET>
In-Reply-To: Your message of "Sun, 22 Oct 1995 16:49:41 CDT."
<9510230056.AA20524@MIT.EDU>
Date: Mon, 23 Oct 1995 03:02:28 EDT
From: Sam Hartman <hartmans@MIT.EDU>
>>>>> "Doug" == Doug Engert <DEEngert@anl.gov> writes:
Doug> Sam, You said in your note from Sat 21: "You should try
Doug> Kerberos again after our next release, and you will almost
Doug> certainly have much better luck." There was a reference last
Doug> month to trying to get the next release out with in the
Doug> month. It should have been out by October 1.
It's fairly obvious that we missed our end-of-September
estimate by now. Basically, several things that were thought to have
been accomplished over the summer ended up developing problems as we
went into testing, and several other issues came up. A lot of code
has been rewritten since beta 5, and I think you can understand our desire to avoid releasing something as buggy as beta 5 in the future. Currently, key componets are just not working and the changes to fix them haven't been fixed.
I'd rather leave commenting on the current release schedule to Theodore Ts'o, our team leader.
Doug> As you must already know, I have been making available a
Doug> context diff file of all of our mods to Kerberos 5 beta 5 at
Doug> "ftp://achilles.ctd.anl.gov/kerberos.v5.k55.cdiff.95xxxx"
Doug> This includes many of the reported bugs. This was originally
Doug> done to assist others in ESnet to implement Kerberos.
Doug> There are many other people out there who have down loaded
Doug> Kerberos 5 beta 5, and they keep running into the same bugs
Doug> over and over. I have seen this many times. The last was a
Doug> report from Dave Clarke on October 18 about a problem with
Doug> the mk_faddr.c code. Paul Pomes reported this same problem
Doug> on May 11.
Understood; this is a significant problem. Unfortunately,
beta 6 is not just a bug fix release; it includes several important
interior changes, including a rewrite of the database (necessary to
deal with multiple salt types and future extensibility), plus the
implementation of the one-to-one enctype->keytype mapping decision.
Considering the amount of confusion created by problems in the
protocol associated with determing what type of key was used, or what
encryption was supported, this change should be a welcome improvement
to almost everyone.
In other words, we have both fixed bugs and introduced new
bugs. We simply don't have a working kadmind that can read the new
database at the point; it is a very high priority to get fixed. Until
we have a set of code that is reasonable to release, we cannot release
something that fixes the bugs people are running into.
Doug> I have received many comments on how useful my patch file
Doug> has been to many people out there who have not seen every
Doug> krb5-bug report.
Doug> Dave Clark asked if these was any information on bugs. I did
Doug> see a reference to using Discus. Why not tell everyone about
Doug> the Web access to the krb5-bugs list?
Basically, because I forgot. (Arguably, this is unexcusable
on my part as a member of SIPB, the organization at MIT that gateways
the discuss archives to the web, but I've rarely used that interface.)
Anyway, Dug has a very good point; for information on Kerberos bugs,
try looking at <a href="http://www.mit.edu:8008/menelaus.mit.edu/krb5-bugs/"> Our pending bugs</a>.
Doug> Either a more timely release schedule, or easier access to
Doug> the bugs reports would help many of those who are new to
Doug> Kerberos 5 get up to speed.
Agreed.
Doug> Douglas E. Engert Systems Programming Argonne
Doug> National Laboratory 9700 South Cass Avenue Argonne, Illinois
Doug> 60439 (708) 252-5444
Doug> Internet: DEEngert@anl.gov
