Shishi Summer of Code

[Simon Josefsson]

Hi all!

Shishi participate, through the GNU project, in the Google Summer of
Code, see:

http://code.google.com/soc/

You can earn USD 4500 for working on a Shishi project!

The ideas I had are available from:

http://www.gnu.org/software/soc-projects/ideas.html#shishi

and currently it include:

   1. Implement the set/change password protocol, see
      draft-ietf-krb-wg-kerberos-set-passwd-04.txt. This would make it
      possible to change passwords remotely, through a standardized
      protocol.

   2. Implement Public-Key Cryptography for Initial Authentication in
      Kerberos, see draft-ietf-cat-kerberos-pk-init-34.txt. This is
      another way to support X.509 authentication in Kerberos,
      compared to the one which Shishi already support through TLS.

   3. Implement cross-realm authentication logic.

   4. Implement functionality to read MIT/Heimdal configuration files
      and Kerberos ticket caches. This would enable drop-in use of
      Shishi where MIT/Heimdal is used today.

   5. Implement a LDAP backend for the Kerberos server.

I'm open to hear about other neat ideas, even if you are not
volunteering to be either mentor or student.

Btw, regarding 4, I just noticed this write-up of the MIT ticket cache
format, which seem quite useful:

http://mailman.mit.edu/pipermail/kerberos/2006-May/009708.html

There is a tool to extract Active Directory keytabs to the MIT keytab
format:

http://mailman.mit.edu/pipermail/kerberos/2006-May/009707.html

It doesn't seem difficult to implement it for Shishi by looking at the
writeup.

Cheers,
Simon