[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The state of the heimdal project

Michael B Allen wrote:
> Actually I have wondered from time to time why people don't use Heimdal
> MORE. 

Well for Ubuntu at least we are starting to look it it much
closer. This is mainly because Heimdal's implementation of
PKINIT is way ahead of the MIT version. We have the PKINIT
working against Windows AD using PIV smart cards via OpenSC.

We had the Heimdal PKINIT working on RedHat in the spring,
including smartcards for login via PAM. This week I am looking
at the debian/ubuntu libpam-heimdal-1.2.0 and what it takes to
add in the calls to PKINIT.

When MIT does release PKINIT we will look at it as well,
and expect Sun and HP to end up adopting the MIT version.

As many of our Linux desktops are starting to use Ubuntu,
it will come dome to easy of installation and features
that will determine which one is used on that desktop.

So far Heimdal works well with OpenAFS too.

> Or is Love a benevolent dictiator like Linus? If so, that is great
> as I much prefer that model but I admit it is problematic if he isn't
> committed full time.

I have found Love to be very responsive, and easy to work with.
I hope he has the time and funding to keep up the good work.


  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444