[Freeipa-devel] FreeIPA v3 development

[Simo Sorce]

Dear fellow developers,

it is time to start thinking about v3 development.

The plan for v3 is to get cross-realm trust relationships with Windows
Domains so that Freeipa domains can interoperate with them seamlessly.

We need a lot of infrastructure based on Samba to achieve this goal, and
we also need to change some core components of the KDC to be able to
handle MS-PACs and other stuff.

I've started working on a new MIT KDC DAL plugin, and more code will
follow.

Since current FreeIPA development is still focused on getting out
FreeIPA v2.1 I had a chat with Rob and we decided to keep this new stuff
out of tree for a while. Once v2.1 is finalized and can be branched off
we will merge all the v3 code on top of master and officially turn
master in the v3.0 development branch.

Meanwhile I am keeping a semi-official branch in my fedorapeople git
repository.

The intention is to get all v3.0 patches still sent to the list, but
they will be applied to my repository until we are ready to branch off
2.1. so if a patch is for v3, make sure to clearly mark it as such!

My repository will be updated from time to time and force-rebased on top
of FreeIPA master. So if you decide to use it as a remote repository, be
prepared to reset/pull it from time to time.

The repo can be found here:
http://fedorapeople.org/gitweb?p=simo/public_git/freeipa.git;a=summary

There are already 9 patches that constitute the core work of a new
ipa-kdb backend. The work is not complete yet, but it is enough code to
request some REVIEW from fellow developers.
Please take a look at it and let me know in how many ways you do not
like it :-)
This code will be in a flux for some time. But as soon as I start
receiving patches that go on top of it I will stop touching these
patches except for the occasional rebase on top of the official master.


Comments are very welcome.

Simo.


-- 
Simo Sorce * Red Hat, Inc * New York