On 6/28/2017 1:17 AM, Russ Allbery wrote: > Nico Williams <n...@cryptonector.com> writes: > >> We do need better key mgmt support though. It'd nice to have automatic >> rekeying and expunging of keys too old to be needed for decrypting >> extant live tickets. > > Yes, please, or I will inflict my hideous shell script on you that does > this (using wallet).
I would be interested in hearing from the participants of this list whether or not it would be appropriate to ship some of the Secure Endpoints open source kerberos tooling as part of Heimdal: http://oskt.secure-endpoints.com/ In particular, Roland's krb5_admin, krb5_keytab, and the C variant of KNC. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature