Apache Kerby 1.0.0-RC2 Release Note
105 JIRA issues were resolved and with the following Features and important changes since 1.0.0-RC1:
- Anonymous PKINIT support(BETA): allows a client to obtain anonymous credentials without authenticating as any particular principal.
- Finished token support:
- Add ability to encrypt and sign using non-RSA keys;
- Get the verify key for signed JWT token from kdc config;
- Token issuer must be trusted as one of preconfigured issuers;
- Add support for decrypting JWT tokens in the KDC.
- PKIX CMS/X509 support.
- BER encoding support.
- Improved the ASN1 framework:
- Separate Asn1 parser;
- Support decoding of primitive but constructed encoded types;
- Allow to define explicit and implicit fields more easily for collection types;
- Providing an API to use some useful ASN1 functions by consolidating existing utilities
- Dump support for Asn1.
- provide an ASN1 dumping tool for troubleshooting
- Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.