[Freeipa-devel] Final preparations for FreeIPA 4.2 GA

[Martin Kosek]

Hello all,

Let us do final check before FreeIPA 4.2 GA! With One-Way patch set and KRA
final patch pushed, there is just a little bit of work left. From FreeIPA 4.2
milestone tickets, I see:

#4238	[RFE] Provide ability to map CAC identity certificates to users in IdM
#5045	Add support for multiple host/service certificates in webUI
#5046	Add support for user certificates in WebUI

- Waiting on Petr Vobornik's final touch.

#5103	Update 4.2 Requires in the spec file

- This is a must, not every feature owner updated spec file with the lastest
version (like certmonger or sssd for One-Way Trusts). Please double check spec
file and provide the right minimal versions to avoid RPM issues.

#5095	Be able to request certificates without certmonger service running

- WIP by Honza and David. Not a must for GA though, can be postponed to 4.2.1

#5096	cert-request: enforce caacl for subjectAltName principals

- Patch on review

#4768	[RFE] Add option to skip the verify_client_version and proceed at own risk

- Honza found a problem with this patch, working a repair right now.


If anyone knows about anything blocking GA, please reply to this thread. I
would like to encourage everyone to at least smoke test their and other
features, so that we capture any last problem before tagging and release.

Finally, I prepared 4.2.0 release notes draft, updates welcome:
http://www.freeipa.org/page/Releases/4.2.0

I also updated
http://www.freeipa.org/page/Releases/4.2.0.alpha1
with regards to postponed Topology feature.

Thanks for help!

-- 
Martin Kosek <mkosek at redhat.com>
Supervisor, Software Engineering - Identity Management Team
Red Hat Inc.