Hi, first a warm welcome :)
Just a few first notes, need more time to read the mail again... * That is a huge plan and vision, I prefer to do smaller steps, but good luck * This proposal also means to separate all the Kerberos functionality out of ApacheDS so that it "only" remains an LDAP server? I'd support that, this would reduce complexity, modularization is good. * Security nightmare. When implementing crypto yourself you need to know what you are doing and need to react on security issues. * Two source files contain header with Oracle copyright and GPL license. This code needs to be replaced. I hope no other code was taken from JDK sources. Kind Regards, Stefan
