remote pool_handle_t

[tlspool] / INSTALL

diff --git a/INSTALL b/INSTALL
index f44b055..60251e1 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -14,7 +14,10 @@ Runtime dependencies are:
  * p11-kit >= 0.22.1 for PKCS #11 URI handling
  * libdb >= 4.0 for key->value lookup with BerkeleyDB transactions/replication
  * libtasn1 for parsing of BER and DER data structures
- * NOT-YET: libldns for DNS lookups
+ * libldns for DNS lookups
+ * libunbound for more DNS lookups
+ * Quick-DER >= 1.2.3 for DER manipulation
+ * libkrb5 for Kerberos support
  * NOT-YET: libldap for LDAP lookups
  * NOT-YET: libmemcached for caching of intermediate results
  * NOT-YET: libradius to do additional authn / authz [/acct]
@@ -27,6 +30,16 @@ these dependencies when only a bit is kwown to be required.  That's the
 sort of maturity that this project has not reached yet.
 
 
+Build Packages
+--------------
+
+As a **sugestion** only, here are packages you should have installed
+before trying to build TLSPOOL.
+
+ - Debian
+   - libdb-dev libldns-dev libunbound-dev libkrb5-dev
+   - libgnutls-dev (you'll need one with DANE support)
+
 First-time build
 ----------------
 
@@ -101,6 +114,15 @@ the command; this is for SoftHSMv2::
 
        chown -R tlspool:tlspool /var/lib/softhsm/tokens/XXX
 
+To setup Kerberos authentication, you need to install the basic package,
+usually named `krb5-user` or `krb5-client`, depending on your distro.
+In `/etc/krb5.conf`, be sure to have this entry to guide the test
+domain names to our KDC::
+
+       [domain_realm]
+               # ...other entries...
+               tlspool.arpa2.lab = ARPA2.NET
+
 The following test demonstrates proper working of the TLS Pool based on
 the testdata and under the warnings above: