[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKINIT - allowed principal format?

To: "STEWARD, Curtis (Jamestown)" <Curtis.Steward@trw.com>
Subject: Re: PKINIT - allowed principal format?
From: joda@pdc.kth.se (Johan Danielsson)
Date: 03 Oct 2002 15:24:15 +0200
Cc: "'heimdal-discuss@sics.se'" <heimdal-discuss@sics.se>
In-Reply-To: "STEWARD, Curtis's message of "Thu, 3 Oct 2002 09:08:56 -0400"
References: <82B2E334C659D511A7500008C709B5970E35C4@jamesx.jms.lucascargo.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7

"STEWARD, Curtis (Jamestown)" <Curtis.Steward@trw.com> writes:

> I'm new to Heimdal, it's the only opensource Kerberos
> implementation utilizing PKINIT that I know of, thanks.

I'm sure there are patches for MIT Kerberos too, but I don't know
where they hide it. The Czech patches are a start, but they need a lot
of work.

> Activity looks limited though, what is the status, alternatives, and
> expected update on PKINIT?

PKINIT itself is still in development, but I think it's getting closer
to a last call.

> I've tried laters versions of Heimdal with no luck, so I
> assume no version later than 4e (as doc'd :) ) will work 

There are some minor changes needed for it to work (as in compile, I
haven't tested it) with 0.5.

>    root = /usr/local/ca/testkeys/cacert.pem

I'm under the impression that the right side of this should be a x500
name.

I suppose Daniel can give more details.

/Johan

References:
- PKINIT - allowed principal format?
  - From: "STEWARD, Curtis (Jamestown)" <Curtis.Steward@trw.com>

Prev by Date: PKINIT - allowed principal format?
Next by Date: Re: PKINIT - allowed principal format?
Prev by thread: PKINIT - allowed principal format?
Next by thread: Re: PKINIT - allowed principal format?
Index(es):
- Date
- Thread