At Michigan State, I am leading a project to upgrade our MIT Kerberos central authentication service from version 1.6.3 to 1.10.1. We will be dropping support for the Kerberos 4 protocol. We are a long-time AFS site and most of the systems we've been able to identify that still rely on Kerberos 4 are related to AFS in some way.
The main drivers for this are are a) desire to support account lockout for some users; b) desire to end-of-life Kerberos 4 support as recommended in MIT's Kerberos 4 end of life announcement (http://web.mit.edu/kerberos/krb4-end-of-life.html). I am interested in communicating with folks that have been down this path, if anyone has. Anyone know of any medium to large research institutions running Kerberos 1.7.x or higher? If so, I'd appreciate contact information. And, anyone, please chime in if there's some reason you know about that makes this idea totally crazy. Thanks. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
