[Freeipa-devel] More types of replicas in FreeIPA
Ondrej Hamada
ondrej at hamada.cz
Wed Feb 13 18:34:00 UTC 2013
Dne 13.2.2013 14:36, Simo Sorce napsal(a):
> On Tue, 2013-02-12 at 19:30 -0500, Dmitri Pal wrote:
>
>> It looks like thinks are starting to boil down to building a Kerberos proxy.
>> Is this something that fits within your thesis agenda Ondra?
> I guess that's for Ondrej to say, if it is too much we can simply start
> working on the LDAP/replication side with rekeying and what not, and
> deal with the KDC part at a later time.
>
> Simo.
>
Working on the LDAP/repl side fits the thesis agenda better, so I would
like to go that way.
Rekeying - do you mean some sort of plugin for transporting the krb keys
from masters to consumers?
Besides securing transport of keys what else should be done in ldap?
I've only partial replication in my mind - I mean replication of entries
selected by some kind of ldap filters.
More information about the Freeipa-devel
mailing list