Thanks for Kai's suggestion! And I will also update it in website.
105 JIRA issues were resolved and with the following Features and important
changes since 1.0.0-RC1:
1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous
credentials without authenticating as any particular principal.
2. Finished token support:
a. Add ability to encrypt and sign using non-RSA keys;
b. Get the verify key for signed JWT token from kdc config;
c. Token issuer must be trusted as one of preconfigured issuers;
d. Add support for decrypting JWT tokens in the KDC.
3. PKIX CMS/X509 support.
4. BER encoding support.
5. Improved the ASN1 framework:
a. Separate Asn1 parser;
b. Support decoding of primitive but constructed encoded types;
c. Allow to define explicit and implicit fields more easily for collection
types;
d. Providing an API to use some useful ASN1 functions by consolidating
existing utilities.
6. Dump support for Asn1.
a. provide an ASN1 dumping tool for troubleshooting
7. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.
-----Original Message-----
From: Zheng, Kai [mailto:[email protected]]
Sent: Friday, March 11, 2016 11:11 AM
To: [email protected]
Subject: RE: Apache Kerby 1.0.0-RC2 Release Note
Hi Jiajia,
I'd like to suggest make the following changes to be more accurately. Thanks.
2. PKINIT in RSA case (75%). => remove
5. Full BER encoding support. => remove 'full'
b. Including built-in ASN1 types and user defined types. => remove
Regards,
Kai
-----Original Message-----
From: Li, Jiajia [mailto:[email protected]]
Sent: Friday, March 11, 2016 9:29 AM
To: [email protected]
Subject: Apache Kerby 1.0.0-RC2 Release Note
105 JIRA issues were resolved and with the following Features and important
changes since 1.0.0-RC1:
1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous
credentials without authenticating as any particular principal.
2. PKINIT in RSA case (75%).
3. Finished token support:
a. Add ability to encrypt and sign using non-RSA keys;
b. Get the verify key for signed JWT token from kdc config;
c. Token issuer must be trusted as one of preconfigured issuers;
d. Add support for decrypting JWT tokens in the KDC.
4. PKIX CMS/X509 support.
5. Full BER encoding support.
6. Improved the ASN1 framework:
a. Separate Asn1 parser;
b. Support decoding of primitive but constructed encoded types;
c. Allow to define explicit and implicit fields more easily for collection
types;
d. Providing an API to use some useful ASN1 functions by consolidating
existing utilities 7. Dump support for Asn1.
a. provide an ASN1 dumping tool for troubleshooting
b. Including built-in ASN1 types and user defined types.
8. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.
