On Tue, Jun 27, 2017 at 10:17:40PM -0700, Russ Allbery wrote: > Nico Williams <n...@cryptonector.com> writes: > > > We do need better key mgmt support though. It'd nice to have automatic > > rekeying and expunging of keys too old to be needed for decrypting > > extant live tickets. > > Yes, please, or I will inflict my hideous shell script on you that does > this (using wallet).
Us maintainers mostly don't depend on Heimdal doing this, so there's relatively little incentive for us to add it :( If I had to the time for this I'd spend it on other things I want to do in Heimdal. Completely revamping the GSS mechglue is high on my list.