Hi Jiajia, I'd like to suggest make the following changes to be more accurately. Thanks.
2. PKINIT in RSA case (75%). => remove 5. Full BER encoding support. => remove 'full' b. Including built-in ASN1 types and user defined types. => remove Regards, Kai -----Original Message----- From: Li, Jiajia [mailto:[email protected]] Sent: Friday, March 11, 2016 9:29 AM To: [email protected] Subject: Apache Kerby 1.0.0-RC2 Release Note 105 JIRA issues were resolved and with the following Features and important changes since 1.0.0-RC1: 1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous credentials without authenticating as any particular principal. 2. PKINIT in RSA case (75%). 3. Finished token support: a. Add ability to encrypt and sign using non-RSA keys; b. Get the verify key for signed JWT token from kdc config; c. Token issuer must be trusted as one of preconfigured issuers; d. Add support for decrypting JWT tokens in the KDC. 4. PKIX CMS/X509 support. 5. Full BER encoding support. 6. Improved the ASN1 framework: a. Separate Asn1 parser; b. Support decoding of primitive but constructed encoded types; c. Allow to define explicit and implicit fields more easily for collection types; d. Providing an API to use some useful ASN1 functions by consolidating existing utilities 7. Dump support for Asn1. a. provide an ASN1 dumping tool for troubleshooting b. Including built-in ASN1 types and user defined types. 8. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.
