On Tue, Jun 27, 2017 at 10:17:40PM -0700, Russ Allbery wrote:
> Nico Williams <n...@cryptonector.com> writes:
> > We do need better key mgmt support though. It'd nice to have automatic
> > rekeying and expunging of keys too old to be needed for decrypting
> > extant live tickets.
> Yes, please, or I will inflict my hideous shell script on you that does
> this (using wallet).
Us maintainers mostly don't depend on Heimdal doing this, so there's
relatively little incentive for us to add it :(
If I had to the time for this I'd spend it on other things I want to do
in Heimdal. Completely revamping the GSS mechglue is high on my list.