The superstitions gatekeeper had some bad luck, slipped on cvs and had
a horrible fall down on the release script.
In the confusion, Heimdal 0.8 escaped out the door and ran for the
freedom of certificates, digest processing, very big integers, and the
twisty maze of IMPLICIT encoded ASN.1 datagrams.
Changes in release 0.8
* PK-INIT support.
* HDB extensions support, used by PK-INIT.
* New ASN.1 compiler.
* GSS-API mechglue from FreeBSD.
* Updated SPNEGO to support RFC4178.
* Support for Cryptosystem Negotiation Extension (RFC 4537).
* A new X.509 library (hx509) and related crypto functions.
* A new ntlm library (heimntlm) and related crypto functions.
* Updated the built-in crypto library with bignum support using
imath, support for RSA and DH and renamed it to libhcrypto.
* Subsystem in the KDC, digest, that will perform the digest
operation in the KDC, currently supports: CHAP, MS-CHAP-V2, SASL
DIGEST-MD5 NTLMv1 and NTLMv2.
* KDC will return the "response too big" error to force TCP retries
for large (default 1400 bytes) UDP replies. This is common for
* Libkafs defaults to use 2b tokens.
* Default to use the API cache on Mac OS X.
* krb5_kuserok() also checks ~/.k5login.d directory for acl files,
see manpage for krb5_kuserok for description.
* Many, many, other update to code and info manual and manual pages.